Cyber Risk Advisor

Our Opportunity

Work Location:  Fortescue’s Perth office is located on the traditional lands of the Whadjuk people.

Roster:  Monday to Friday

At Fortescue, our Cyber Security team plays a key role in making sure we’re a safe, resilient, and trusted organisation. We do this by managing cyber risks across all areas of our technology—from information systems to industrial and operational tech.

We’re now looking for someone to join the team, reporting to the Superintendent of Cyber Risk Advisory, to help protect our IT and OT environments. In this role, you’ll be involved in a wide range of activities, including risk assessments, threat modelling, reviewing changes and solutions from a security perspective, and helping guide secure architecture design.

You’ll also help develop security patterns and support incident response efforts when needed.

Key Responsibilities

• Carries out cyber security risk management activities within a specific function, technical area, or project of medium complexity.
• Identifies cyber risks and vulnerabilities, assesses their impact and probability, develops mitigation strategies and reports to the business.
• Involves specialists and domain experts as necessary.
• Maintains documentation of risks, threats, vulnerabilities, and mitigation actions.
• Advises on Fortescue’s approach to cyber risk management related to corporate and/or Operation Technology domains.
• Identifies typical risk indicators and explains prevention measures.
• Identifies risk mitigation measures required in addition to the standard organisation or domain measures.
• Develop security patterns for key technologies based on threat modelling.
• Reviews and performs cyber risk assessments and risk treatment plans. Identifies typical risk indicators and explains prevention measures.

Qualifications and Experience

• Degree / Diploma / Certificate in Information Technology, Computer Science, Electrical Engineering, mechatronics, or a related discipline.
• General or specific Cyber Security certifications e.g. CCNA, CISSP, GSEC, GRID, GICSP, OSCP CEH, CISM etc.;
• Degree / Diploma / Certificate in information systems management, business administration, or a related discipline would be beneficial.
• Independent judgement and strong decision-making capabilities;
•  An ability to communicate complex and technical issues to diverse audiences at all levels;
• An understanding of organizational mission, values, and goals and consistent application of this knowledge;
• Ability to react to high pressure dynamic changing environments

About Us

Be part of something big. Fortescue is leading the world with our plan to decarbonise our iron ore operations, projects that harness renewable energy and the development of technology that will change our planet forever.

Our Commitment

Fortescue celebrates individual strengths and team members are encouraged to bring their whole selves to work. Our global workforce drives and promotes an inclusive culture, both within our organisation and throughout the communities we interact with. Diverse backgrounds include First Nations Peoples, people with disabilities, LGBTQ+ community, gender, neurodiverse, cultural diversity, all age groups, and those with an intersectional or multiple diverse characteristics. We encourage candidates from all backgrounds to apply.

https://fortescue.com/careers 

Internal Candidates / Current Contractors please apply via Success Factors Careers Portal. For further information on how to apply please visit the Fortescue Hub. 

Fortescue reserves the right to close applications early should a suitable pool of candidates be identified. Fortescue will never contact you to ask for payment of any kind, whether directly or through a third party.