Cyber Governance, Risk and Compliance (GRC) Analyst

About WorkCover Queensland 

At WorkCover Queensland our vision is to be the best worker’s compensation insurer, to make a positive difference to people’s lives and to keep Queenslanders working. Our flexible work environment allows you to be your best every day and contribute to the big picture.  

Our organisation is made up of individuals who collaborate and seek to engage others, working together as One Team. We embrace diversity and value people who bring personal energy and authenticity to everything they do. If you’re someone with a strong values-oriented compass and you want to achieve sustainable outcomes, you will find a great community at WorkCover.  

About the Opportunity – Cyber GRC Analyst 

WorkCover is entering a new chapter, with a renewed strategic focus and strong executive leadership guiding our organisation’s 2030 Strategy. This role supports the ongoing delivery of core cyber governance and risk practices that protect our systems and deliver meaningful outcomes for our people, customers and the broader community.

As a Cyber Governance, Risk and Compliance (GRC) Analyst, you’ll support the ongoing maturity and assurance of WorkCover’s Information Security Management System (ISMS), working across cyber control assessments, risk reviews, and internal/external audit activities. You’ll play a hands-on role in uplifting our compliance posture and embedding security governance across the enterprise. 

Reporting to the Cyber Security Governance and Compliance Manager, you’ll collaborate with internal stakeholders across cyber, IT, and business to deliver operational GRC outcomes - from control testing and policy development to risk-based reporting and third-party assurance. You’ll contribute to risk-informed decision-making and help ensure WorkCover remains secure and resilient in a dynamic regulatory and threat landscape.  

You’ll also contribute to: 

• Lead control assessments, internal assurance and evidence collection activities across WorkCover’s ISMS 
• Support internal and external audits, ensuring evidence readiness and cyber GRC alignment 
• Collaborate with technical and business stakeholders to perform cyber risk assessments and uplift control maturity 
• Monitor and report on cyber risks, control gaps and assurance outcomes to enable effective remediation 
• Track emerging risks and contribute to improving cyber policies, standards and frameworks 

A bit about you: 

You’re a capable and proactive cyber security professional with experience across GRC, compliance, or risk. You’re detail-oriented and able to manage complexity without losing sight of the big picture. Whether coordinating a control review or supporting audit prep, you’re organised, collaborative and always looking for ways to improve. 

You bring: 

• Minimum 5+ years’ experience in cyber GRC, information security, or technology risk roles 
• Familiarity with ISMS practices and frameworks such as ISO27001, NIST CSF and or Essential 8 
• Experience in testing or reviewing cyber controls, assessing risk, and supporting assurance activities 
• Strong communication skills with the ability to engage technical and non-technical stakeholders 
• Working knowledge of GRC platforms (e.g. Protecht), Microsoft security stack, and cloud governance concepts 
• Relevant certifications such as ISO27001, CRISC, or CISA are desirable but not essential 

You’re someone who enjoys solving problems, engaging across teams, and contributing to cyber security outcomes that matter. You take pride in your work and thrive in a fast-paced, collaborative environment where your input makes a difference. 

A bit about us: 

The Cyber Security team is part of our Digital and Technology Group and plays a critical role in safeguarding our systems, data and people. We’re passionate about enabling innovation and digital progress while protecting what matters most. 

In return, you’ll enjoy a flexible 5-in-10 hybrid work model, access to personalised learning and development, and the holistic support of our health and wellbeing program. We offer competitive salaries, a generous superannuation scheme (including co-contribution), and support for further study. 

You can find out more about our Employee Benefits by visiting Working at WorkCover Qld. 

How do I apply? 

Please submit your resume and a covering letter of no more than two pages, outlining your suitability for the role, your motivations, and alignment with our values and vision. Applications close at 5PM, Tuesday 29th of July. 

We are committed to ensuring WorkCover reflects the diversity of the Queensland community. We welcome applications from First Nations peoples, members of the LGBTQIA+SB community, people of all ages, people who are neurodivergent, people with disability, and people from culturally and linguistically diverse backgrounds. To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our recruitment team during your conversation with them. Pre-employment checks will be conducted on all prospective employees. This will include a Right to Work in Australia Check, Police Check, Education Check, Reference Check and where appropriate a Visa Check. The information provided will be treated as confidential in accordance with the Information Privacy Act 2009 (Qld). 

Please Note: WorkCover does not accept unsolicited resumes from agencies and will not be liable for related fees. All recruitment is managed internally. Agencies must not represent or promote WorkCover roles without prior written authorisation.