Cyber Governance - Risk & Compliance Analyst | Cloud Security, AI Governance & AWS Assurance
* Location: Canberra (Hybrid)
* Security Clearance: Baseline (Mandatory - must already be held)
About the position:
This role sits at the intersection of cloud security, AI enablement, and enterprise compliance.
You will shape how security frameworks are designed, documented, and embedded across AWS cloud environments supporting AI initiatives. The focus is not reactive auditing, it is proactive security architecture alignment within a regulated federal ecosystem.
Operating within a mature AWS cloud landscape, you'll contribute to ensuring AI-driven platforms remain compliant, defensible, and resilient against evolving risk profiles.
What you'll do:
* Lead the development and ongoing uplift of System Security Plans (SSP), Security Risk Management Plans (SRMP), Audit Logging Plans (ALP), and Continuous Monitoring frameworks
* Design and document secure AWS configurations across IAM, KMS, S3 security, Secrets Manager, NACLs, CloudTrail, and CloudWatch
* Align cloud security controls with ISM, PSPF, Essential Eight, and enterprise compliance standards
* Collaborate with platform, development, and security teams to ensure secure AI-enabled solution delivery
What we're looking for
* 5+ years' experience in cyber governance, risk, assurance, or compliance roles
* Hands-on experience securing AWS cloud environments and documenting compliance artefacts
* Strong understanding of Australian Government regulatory frameworks (ISM, PSPF, Essential Eight)
* Working knowledge of AI/ML fundamentals within secure cloud environments
Technology & environment:
* AWS Cloud security architecture and control frameworks
* AI-enabled platforms operating within regulated environments
* Enterprise cloud compliance, audit, and assurance practices
* Agile delivery teams collaborating across security, platform, and development domains
Important to know:
* This is not a policy-only or advisory role, practical AWS security design experience is essential
* You will struggle if your experience is limited to checklist compliance without hands-on cloud platform exposure
* Baseline clearance must already be held
* Experience securing AI workloads within AWS is highly regarded
#J-18808-Ljbffr