Apply now »

Security Analyst

Business Unit:  Information Technology
Date:  18 Jun 2026
Requisition ID:  995

About Snowy:

Snowy Hydro is a dynamic, integrated energy business that has been providing on-demand, reliable energy to Australia for generations. Snowy Hydro owns and operates a powerful combination of generation assets, including the mighty Snowy Mountains Scheme, gas and diesel plants, and contracted wind and solar energy.

 

We also provide electricity and gas to over 1.5 million retail customers through our retail brands Red Energy and Lumo Energy. Snowy 2.0 is Australia's largest committed renewable energy project. This nation-building project will provide on-demand energy and large-scale storage for many generations to come.

 

About the position:

We are seeking a mid-level operational Cyber Security Analyst to join our team at Snowy. This hands-on "doer" role is situated on the operational side of the team, focusing on platform integration, unit response, detection, and DevSecOps.

You will be responsible for protecting the organisation's information systems, networks, and data by monitoring, identifying, analysing, and responding to security threats and vulnerabilities, while supporting the ongoing improvement of cybersecurity controls across our IT and Operational Technology (OT) environments.

 

Key Responsibilities:

  • Platform Engineering & Maintenance: Integrate, configure, maintain, and uplift a range of security technologies and platforms, including Application Control, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Vulnerability Management, Privileged Access Management (PAM), Network Security (firewalls, IPS, etc.), Secure Access Service Edge (SASE/SSE), Web Filtering, and Identity and Access Management (IDAM).

  • Incident Detection & Response: Continuously monitor IT and Operational Technology (OT) environments to detect and respond to cybersecurity incidents that could impact critical systems and power generation. Support incident response activities including containment, investigation, recovery, root cause analysis, and reporting.

  • DevSecOps & Cloud Integration: Manage DevSecOps responsibilities related to cloud environments, embedding vulnerability management into CI/CD pipelines, and ensuring secure application development lifecycle principles.

  • Project Support: Collaborate with project teams to integrate cybersecurity requirements into initiatives and support the timely deployment of security solutions for IT and OT environments.

  • Security Assessments & Mitigation: Conduct security assessments and best-practice reviews, and document, assess, and implement remediations for cyber risks identified in audits, security reviews, and other assessments.

About the location:

This role can be based in Melbourne or Sydney.

About you:

  • Technical Experience & Capability: Experience with technical toolsets in two or more cybersecurity domains, such as EDR tools (e.g., CrowdStrike, Carbon Black, McAfee), SIEM platforms (e.g., Splunk, Sentinel, Rapid7), PAM, SASE/Netskope deployments, Firewalls, or IDAM. A background transitioning from systems engineering or systems administration is highly regarded.

  • Autonomy & Accountability: A strong drive for results, balanced with the ability to work constructively and sustainably. You are an autonomous "doer" who can honestly assess your own experience and link past work to required technical skills, even if you haven't used every specific platform.

  • Communication & Relationships: Strong communication skills to work effectively with all levels of the organisation, with the ability to hold yourself well during stakeholder engagement and phone screenings. Excellent technical documentation skills to analyse, interpret, and present information to diverse audiences.

  • Framework Familiarity (Favourable): While not mandatory, knowledge or experience with industry cybersecurity frameworks and privacy acts—such as the Australian Energy Sector Cyber Security Framework (AESCSF), ISO 27001, NIST, IEC 62443, and the Security of Critical Infrastructure Act (SOCI)—is considered a favourable addition.

  • Discretion & Safety Focus: Ability to act with absolute discretion when handling sensitive company information, coupled with a commitment to demonstrate and drive the highest level of focus on workplace safety.

About our workforce:

Snowy Hydro has a culture of decency and inclusion, with a commitment to the health and wellbeing of our people and a supportive environment to ensure that everyone - regardless of background - feels included and can succeed. At Snowy Hydro, we recognise that we are made stronger by the unique capabilities and qualities that each individual brings, and we believe in providing an environment that allows that uniqueness to thrive.

 

Snowy Hydro is proud to be an Equal Opportunity employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for a role with Snowy Hydro and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an email with your request to the Snowy Hydro recruitment team at recruitment@snowyhydro.com.au

 

Apply now »