Job description
Agency: Department of Corporate and Digital Development
Work unit: Cyber Resilience
Job title: Governance Risk and Compliance Analyst
Designation: Senior Administrative Officer 1
Job type: Full time
Duration: Fixed for 12 months
Salary: $128,551 - $143,611
Location: Darwin
Position number RTF
Closing: 25/02/2026
Contact officer Sonia Peters on or
About the agency
Apply online
APPLICATIONS MUST INCLUDE A ONE-PAGE SUMMARY ABOUT YOU, A DETAILED RESUME AND COPIES OF YOUR TERTIARY
QUALIFICATIONS.
Information for applicants – inclusion and diversity and Special Measures recruitment plans
The NTPS values diversity. The NTPS encourages people from all diversity groups to apply for vacancies and accommodates people with
disability by making reasonable workplace adjustments. If you require an adjustment for the recruitment process or job, please discuss
this with the contact officer. For more information about applying for this position and the merit process, go to the OCPE website.
Aboriginal applicants will be granted priority consideration for this vacancy. For more information on Special Measures plans, go to the
OCPE website.
Primary objective
Support the Northern Territory Government's management of ICT and infrastructure environments through providing expert and
operational capability in governance, risk and compliance of cyber security and supply chain management.
Context statement
The Department of Corporate and Digital Development manages digital systems on behalf of NT Government agencies. The position
operates within a cyber security team providing expert cyber security governance, risk and compliance advisory services and leading the
cyber risk management program.
Key duties and responsibilities
1. Provide expert advice to senior management on cyber and data security to support informed decision making on cyber risk
management.
2. Contribute to the development and maintenance of a Risk Management Program and Risk Management Framework and related
policies, practices and systems and executive reporting.
3. Monitor internal and external policy and regulatory compliance and continuously audit policies and controls.
4. Collaborate with stakeholders on information security policy and practices, business continuity and disaster recovery to support
embedding best practice and regulatory compliance in operations.
5. Collaborate with SMEs and stakeholders on security architecture, cyber threats and issues to support risk assessments and decision
making.
6. Contribute to a security assurance and audit management program, including managing vulnerability assessments and related executive
reporting.
7. Participate in cyber security related project activities as required.
Selection criteria
Essential
1. Experience in risk management, compliance and audit, including knowledge of frameworks relevant to cyber security such as ISO27001,
NIST, CMMC, AESCSF, ISM, PSPF, Essential Eight.
2. Demonstrated experience in developing documentation to manage cyber security and supply chain risk, such as security risk
management plans and system security plans or similar documents.
3. Demonstrated analytical capability to undertake risk assessments of cyber security and controls and conduct or manage assurance,
testing, audits and vulnerability assessments; and interpret and apply legislation and policy requirements.
4. Well-developed knowledge of the cyber risk environment and understanding of enterprise risk management and vendor management.
5. Highly developed written communication skills with the ability to convey complex concepts and develop a range of materials including
executive briefings, reports, plans, policies, guidelines and procedures.
6. Highly developed interpersonal skills with demonstrated ability to build relationships, influence stakeholders and deliver executive and
stakeholder briefings.
7. Demonstrated work ethic and attitude which emulates DCDD values of Commitment to service, Innovation, Ethical practice,
Accountability, Impartiality, Diversity and Respect.
Desirable
1. Experience in operating within GRC platforms.
2. Qualifications in ICT, risk management or other related discipline or industry certifications such as CISM, CISSP or CISA.
3. AGSVA Security Clearance
Further information
The successful applicant will require a Baseline National Security Clearance.
When choosing to apply for this position, the applicant should consider the full requirements of the position in aligning their work
experience and capabilities to this role. Please refer to the Capability Framework