Senior Analyst – Cyber Risk Management
North Strathfield, NSW, AU, 2137
The Arnott’s Group portfolio of brands continues the 158-year legacy of the Arnott family, providing quality, great-tasting food to create delicious moments for consumers across the world.
About the Role:
Join the Arnott’s Group as a Senior Analyst – Cyber Risk Management and play a pivotal role in strengthening our cyber security posture. Reporting to the Head of Cyber Security, this operational role focuses on delivering tangible outcomes in governance, risk management, and operational risk. You’ll drive initiatives aligned with the NIST (National Institute of Standards and Technology) framework, implement fit-for-purpose GRC (Governance, Risk, and Compliance) tools, and support ongoing risk management activities. Collaborating closely with internal stakeholders and external partners, you’ll help shape a robust cyber risk culture while balancing project demands and business-as-usual needs.
Perks:
- Discounted Gym Memberships
- 12 Weeks Paid Parental Leave for all new parents.
- Free onsite parking
- Discounted Products
- Discounted Health Insurance
Our Culture:
We stand for high performance with integrity and find moments of pride and celebrate the wins gained from our collective effort. These are part of our culture and the cornerstones of The Arnott's way. When you join our team, you can expect to experience a real sense of belonging, be empowered with accountability, be recognised for your contribution, and collaborate with great people.
What your days look like:
- Define, implement, and embed improvements to the GOVERN and IDENTIFY security outcomes of the NIST framework, including policy and documentation lifecycle management, risk processes, and stakeholder engagement protocols.
- Perform comprehensive risk assessments, prioritise remediation actions, and manage the Arnott’s cyber risk register, heat map, and monthly reporting for the Digital & Technology Governance & Risk Forum.
- Plan, assess, select, and implement a fit-for-purpose GRC tool, following a structured project methodology and ensuring integration into existing processes and governance frameworks.
- Define and enhance compliance programs covering supply chain risk management, privacy (APP11-Information Security), controls, and PCI DSS (Payment Card Industry Data Security Standard), while maintaining up-to-date inventories and documentation.
- Work with the Compliance and Controls Assurance function to facilitate control effectiveness testing, improve security controls, and manage cyber risk-related activities.
The Ingredients for Success:
- A bachelor's degree in computer science, information systems, or a related field, along with relevant industry certifications such as CISA, CISM, CISSP, or similar credentials.
- 6-7 years of cyber risk and compliance experience in cyber framework governance, risk and compliance, information security, IT audit, or IT controls assurance, ideally within larger corporate environments or IT managed services.
- Proven experience in executing cyber framework gap assessments, program uplifts, and maintaining risk management processes to align with NIST, ISO27001, or similar standards.
- Strong working knowledge and understanding across key cyber defence domains, including firewalls, intrusion detection/prevention, SIEM (Security Information and Event Management), endpoint security, VPNs, penetration testing, cloud security, and incident response.
- Ability to demonstrate accountability, strategic thinking, problem-solving, and collaboration across IT, operational technology, and business stakeholders, with exceptional communication skills to translate technical risks into business insights.
To Apply:
If this sounds like your next opportunity, please follow the link, and apply.
We value diversity in our workforce. If you require any reasonable adjustments, please inform our team so that we can work together to support your needs throughout the recruitment process.
*We do not accept unsolicited resumes from agencies.