Job Info
Location: GLEN IRIS, VIC
Salary: Award
Job Type: Permanent position | Full time position
Job Description
About the company We are Render Networks, a global leader in digital construction management software for utilities and infrastructure providers. Our cloud-based platform connects field teams, contractors, and project managers with real-time data to streamline planning, scheduling, and delivery of fibre and telecom networks.
Trusted by major operators worldwide, we help organizations improve productivity, reduce costs, and deliver projects faster and more safely. By transforming complex construction workflows into connected, data-driven operations, we enable smarter decision-making and efficient network rollouts. We are committed to building the digital backbone of modern infrastructure and supporting the future of connected communities.
About the role Render Networks is seeking a Cyber Security & Compliance Analyst to lead security operations, vulnerability management, and compliance initiatives. This role is critical in protecting the organisation’s infrastructure, data, and systems from evolving cyber threats while ensuring adherence to international security standards including ISO 27001:2022. The Cyber Security & Compliance Analyst will conduct security assessments, investigate incidents, implement and enforce security controls, and maintain the organisation’s Information Security Management System (ISMS).
About the position Position: Cyber Security and Compliance Analyst Location of work: 104/1 Crescent Road, Glen Iris, Vic -3146 Employment type: Permanent, Full time. Salary Range: $75,000 to $85,000 plus Superannuation. Duties and Responsibilities
* Perform regular assessments on systems, networks, and applications to identify and prioritise risks and vulnerabilities
* Conduct vulnerability scans and penetration testing to evaluate security posture, coordinating remediation with technical teams
* Analyse alerts and data from critical systems including web application firewalls, proxies, network security devices, and vulnerability management systems
* Develop and maintain documentation including vulnerability reports and risk assessments
* Serve as the first line of response for reported issues and incidents across the company's platform and internal systems
* Coordinate incident response activities to contain, mitigate, and recover from security breaches, conducting root cause analysis to develop preventive measures
* Document incidents and maintain response records; examine recovery tools and recommend business continuity solutions
* Escalate complex incidents to senior engineering, DevOps, or specialist security vendors as required
* Enforce identity and access management controls across organisational systems and applications in line with least-privilege and zero-trust principles
* Ensure compliance with identity lifecycle policies including role-based access controls, SSO configurations, and periodic entitlement reviews across organisational systems
* Conduct regular access reviews and user entitlement audits to ensure compliance with security policies; monitor and remediate access anomalies and privilege escalation risks
* Implement, monitor, and manage endpoint security controls including EDR, patching, encryption, issues, and device compliance.
* Assess and enforce configurations & software across managed endpoints to maintain compliance & functionality for the organisation.
* Align asset inventories with ISO 27001 Annex A.8 compliance requirements and maintain audit evidence including criticality ratings for vendor security assessments
* Conduct research on cyber threats, vulnerabilities, and attack methodologies to maintain current knowledge of the threat landscape
* Implement and manage threat intelligence tooling, SIEM systems, and continuous monitoring to detect suspicious behaviour and potential breaches
* Maintain and ensure ongoing adherence to the organisation’s ISMS in accordance with ISO 27001:2022 standards
* Conduct quarterly risk assessments and maintain the risk register to identify and track highest priority technology risks
* Support internal and external security audits and re-certification activities, providing evidence of compliance with security controls
* Perform ongoing security operations including cloud service configuration audits, business continuity and disaster recovery assessments, configuration management verification, secure data lifecycle auditing, DLP system operations, web filtering reviews, secure coding practice evaluation, and physical security control reviews.
* Review and update security policies and procedures to ensure alignment with regulatory requirements and industry best practices
* Prepare compliance reports and documentation for management and external auditors; track and verify remediation of audit findings
* Integrate security tooling into CI/CD pipelines and development workflows
* Conduct security code reviews and implement secure software development lifecycle practices
* Collaborate with development and operations teams to embed security into DevOps processes
* Assess security of third-party components and dependencies used in applications
* Develop and deliver information security awareness training programmes for employees
* Create security communications and guidance materials for end users; educate staff on emerging threats and best practices
* Develop and maintain knowledge base articles and incident response playbooks
* Host and run annual Capture
The Flag (CTF) competitions to promote security awareness and develop practical security skills across the organisation. Essential Skills & Experience Qualifications:
* Master’s degree in Information Technology, Cyber Security, Computer Science, or related field; OR
* Minimum 1–2 years of relevant work experience in cyber security, information security, or security operations
Technical Skills:
* Demonstrated experience in security vulnerability assessment and risk analysis
* Proficiency with cloud security, particularly AWS security services (WAF, IAM, Security Groups, GuardDuty)
* Experience with security monitoring and incident investigation tools
* Understanding of security frameworks (ISO 27001, NIST, Essential Eight)
* Knowledge of security testing methodologies and vulnerability management
* Familiarity with DevSecOps practices and security integration in CI/CD pipelines
* Understanding of web application security, network security principles, and secure coding practices
Experience:
* Minimum 1 year hands-on experience in cyber security analysis, security operations, or similar role
* Proven track record conducting security assessments and vulnerability management
* Experience investigating incidents and implementing remediation measures
* Background in security compliance and governance activities including security audits
Personal Attributes:
* Strong analytical and problem-solving capabilities with attention to detail
* Excellent investigation skills and ability to think critically about security threats
* Effective communication skills for both technical and non-technical audiences
* Ability to work independently and collaboratively within cross-functional teams
Desirable Skills
* Industry certifications such as CompTIA Security+, CEH, CISSP (Associate), or equivalent
* Experience with ISMS implementation and maintenance, specifically ISO 27001:2022 and SOC 2 Type 2
* Knowledge of Australian privacy legislation and data protection requirements
* Experience with security automation and orchestration tools
* Familiarity with threat intelligence platforms and frameworks (MITRE ATT&CK)