GRC Cyber Analyst

A career at Arup offers you the chance to make a positive difference in the world. Independently owned and independently minded, we attract a diverse mix of people to work on ground-breaking global projects. We have an ambitious commitment to be the digital leader in the built environment and have digital teams and experts all over the world, who collaborate on world-leading software, data and technology projects and products. Being a global team means we value people with diverse experiences, backgrounds, specialisms and skills. 

About Arup

The people at Arup are driven to find a better way and to deliver better solutions for our clients.

We welcome applications from a diverse group of people, including those who are seeking flexible working, have accessibility needs, want to bring their whole selves to work, and can enrich our workforce with cultural diversity.

We offer a competitive remuneration package commensurate with qualifications and experience to the right candidate including a global profit share scheme, excellent staff benefits and long-term career development opportunities.

We’ve always been a purpose-led organisation. we are here to support each other, to do our best work possible and make our own special contribution. We’re here to shape a better world, and for us ‘better’ is all about creating a more sustainable future for the world.

The role 

We are looking for a governance, risk and compliance (GRC) cyber analyst for our growing global cyber security team. You will help protect Arup’s digital infrastructure and data from cyber-attack. You will help to assess Arup’s information and cyber risks, define Arup’s security policies, standards and guidelines, run a cyber education and awareness programme, manage supply chain cyber risk, manage data loss prevention and ensure that Arup is compliant with relevant cyber legislation and standards. 

The GRC team is distributed globally. The cyber security analyst role reports to the GRC service leader based in UK. 

“Being a graduate and starting in a new team can be intimidating, but from my very first day with the Cyber Security team I felt welcome. Across varying skill levels, ranging from juniors to top industry professionals, the team goes above and beyond to support each other, find solutions, and build companywide awareness of the importance of cyber security. Your perspective is always considered and appreciated, which really makes you feel like you’re making a difference to Arup and to our people's security. This has been a motivating and empowering experience for me throughout these uncertain times." - Yana, UK

You should apply if:

• You are interested in cyber security, and have a solid foundation in technology
• You have an analytical mind and enjoy solving problems
• You enjoy learning new skills and sharing your knowledge with others

Responsibilities of the role include:

• Representing cyber in Australasia region for any cyber related requests and issues
• Ensure compliance with Arup’s information security control framework
• Coordinating cyber security awareness campaigns in Australasia region
• Liaising with stakeholders in the Australasia region for new developments in Digital and drive security by design
• Conducting threat and risk assessments and drive risk closure
• Keeping Arup’s cloud and other information environments secure and compliant
• Conducting supply chain cyber due diligence
• Working with the software development community to ensure digital products and services are secure by design
• Helping to deliver Arup’s data loss prevention program
• Auditing internal infrastructure and applications against defined security framework
• Driving IT disaster compliance activities
• Driving security control assessments and thriving for raising the compliance level in Australasia region
• Measuring cyber processes, controls and reporting on the effectiveness of the cyber management plan

Requirements and skills

Essential skills and knowledge:

• Analytical and problem-solving skills to identify and assess risks and threats
• Some industry GRC or information risk management experience desirable
• Ability to understand the business context and technology landscape, and apply appropriate security solutions in response to differential risks and needs
• Understanding of data loss prevention techniques
• Excellent emotional intelligence to foster openness and transparency within the team
• Experience in information risk management

Desirable skills and knowledge:

• Knowledge of compliance and audit
• Experience on industry standards NIST, CIS and ISO22301

Required attributes:

• Australian Citizen or Permanent Resident
• Successful candidate must pass a disclosure and barring security check
• The ability to empower others to succeed, giving staff the confidence and support to thrive, develop and excel at what they do
• Excellent written/verbal communication skills with both non-technical as well as technical audiences managing successful communications with governance boards and stakeholders
• Open-minded collaborative approach to problem solving, improvement and leadership with an empathy for the needs of clients and customers
• Ability to influence others to consider your point of view and gain support and agreement for plans, changes and new approaches
• Ability to establish and agree direction when there is lack of clarity from stakeholders
• Self-starter, pragmatic, flexible and comfortable with ambiguity, able to align business and Digital Technology Group vision to deliver clarity

Qualifications

• University degree level qualification or equivalent industry experience

Salary Range

• $90,000-100,000AUD

If you are interested in helping us shape a better world, please click “Apply Now” to submit your online application.

No agencies please

Stay safe online - Arup will never ask for payment or your bank details as part of our recruitment process.