M01 - Cybersecurity Analyst

Key Responsibilities

Security Governance

• Conduct preliminary assessments of SaaS requests using established governance frameworks to determine whether further security risk assessment is required.
• Collect and compile security scorecard data from project teams, cross-referencing reported metrics against actual deliverables to ensure accuracy within specified reporting periods.
• Gather and compile the security metrics defined in the cyber workplan initiatives.

Security Awareness

• Analyse whole-of-government phishing exercise results to identify patterns and areas for improvement.
• Monitor and follow up to ensure that new joiners and staff who fell prey to phishing exercises complete mandatory security awareness training.
• Develop engaging security awareness content such as EDMs and gamified quizzes.

Security Operations

• Analyse Data Loss Prevention (DLP) reports to assess whether users may have inadvertently uploaded classified information to central storage platforms, AI tools, or external email.
• Track and consolidate responses from project teams on queries raised through GITSIR/GIROC polls, ensuring timely follow-up.

Vulnerability Management

• Support the establishment of systematic processes for communicating vulnerability information to project teams and tracking remediation status, helping to close the gap between asset visibility and actionable remediation.