Title:- Junior Cyber Security Risk Analyst Length:- Permanent Location:- Sydney Junior Cyber Risk / Cybersecurity Analyst A junior consulting role supporting cyber risk assessments, advisory services and uplift programs for Not-for-Profit organisations across Australia. This position is ideal for someone early in their cyber career who enjoys learning quickly, working with people, and turning security concepts into practical actions. Role Overview You will support cyber engagements end-to-end under the guidance of senior consultants, helping assess risks, document findings, develop recommendations, and improve governance. You’ll build strong foundations across risk assessment, policy, controls, incident readiness and stakeholder engagement, while contributing to consistent, scalable practices as the cyber function grows. Key Responsibilities • Support cyber risk assessments for Not-for-Profit organisations, helping identify risks and document clear, practical recommendations • Assist with governance, policy and security control reviews, including uplift planning and remediation tracking • Contribute to incident readiness activities such as basic tabletop exercises, response documentation and lessons learned • Support third-party risk management activities including evidence collection, vendor questionnaires and risk analysis • Help develop, review and maintain security policies, procedures and governance artefacts • Assist with mapping controls and practices to recognised security frameworks and standards • Support engagement delivery through meeting notes, reporting, action tracking and quality assurance • Contribute to internal knowledge sharing, templates and continuous improvement initiatives • Stay across emerging cyber threats, risks and good practice relevant to the Not-for-Profit sector Experience Needed • Around 2 years’ experience in cyber security, information security, IT risk, GRC or a related technology role • Exposure to cyber risk, security controls, governance or compliance through work experience, internships or formal study • Basic understanding of common security frameworks or standards is desirable but not essential • Some experience engaging with internal stakeholders or supporting client-facing work is beneficial • Strong written and verbal communication skills with the ability to explain technical concepts clearly What You Bring A curious, practical mindset and a willingness to learn. You can communicate clearly, build trust with stakeholders, and translate technical concepts into simple, usable guidance for resource-constrained Not-for-Profit environments. You’re comfortable working through ambiguity, taking direction, and contributing to meaningful security outcomes for organisations supporting vulnerable communities. If you would like more information please contact Sarah Brown sarah.brown@talentweb.com.au
