Cyber Security Officer
Australian Access Federation
Science & Technology / Other
Posted 04/06/2026
Closes 04/07/2026
Brisbane, 4000, Queensland
Full time
Australian Access Federation Ltd operates national authentication services for Australian higher education and research, enabling cross-organisational access for over 1.5 million users.
AAF is part of the Australian Government eResearch Infrastructure Roadmap and is a provider of national digital research infrastructure for the National Collaborative Research Infrastructure Strategy. AAF’s clients include Australian universities, research organisations, CSIRO, medical research institutes, government departments and NCRIS capabilities.
Founded in 2009 and headquartered in Brisbane, AAF provides an opportunity to work in an innovative organisation recognised as a global leader in its field.
About the role
AAF is seeking a Cyber Security Officer to support cybersecurity operations across AAF’s technical environment.
The role will work closely with AAF’s Managed Service Provider, Engineering team and CISO to support the delivery of cybersecurity initiatives, respond to SOC findings, assist with cyber risk management, support incident response, and contribute to the ongoing maturity of AAF’s security capability.
This role suits someone with practical cybersecurity operations experience who can work across technical teams, vendors and stakeholders, and translate complex security issues into clear actions.
Key responsibilities
The Cyber Security Officer will be responsible for:
- Supporting day-to-day cybersecurity operations, including SOC action items, attack surface management and alignment with AAF’s security objectives.
- Monitoring security systems, analysing logs and investigating alerts to identify potential security issues or breaches.
- Supporting incident response activities, including detection, containment, eradication and recovery.
- Preparing incident updates, reports and documentation for stakeholders.
- Analysing penetration testing reports and working with technical teams to help prioritise remediation.
- Conducting cyber risk assessments across internal systems, vendor applications and third-party platforms.
- Supporting vendor lifecycle activities, including selection, onboarding and ongoing monitoring from a security perspective.
- Developing and delivering cyber awareness training and phishing simulations.
- Working with the CISO to deliver initiatives from AAF’s cybersecurity strategy.
- Assisting with disaster recovery, business continuity and incident response planning and testing.
- Keeping current with cybersecurity trends, threats, technologies and good practice.
Skills and experience required
Applicants should have:
- Minimum 4 years’ experience in cyber operations, systems administration or a related technical security role.
- Demonstrated experience handling SOC findings, threat assessments and incident response in a technical environment.
- Experience monitoring security systems, analysing logs and investigating security alerts.
- Experience with AWS Cloud and relevant security tools.
- Experience with security technologies such as firewalls, intrusion detection systems and security information and event management systems.
- Demonstrated experience undertaking cyber risk assessments for internal and third-party vendor applications and platforms.
- Experience supporting or executing cybersecurity initiatives in line with an overarching cyber strategy.
- Ability to translate complex security or technical issues into clear, actionable insights for non-technical audiences.
- Strong written and verbal communication skills, including preparation of reports, submissions and correspondence.
- Ability to work independently and collaboratively with technical teams, vendors and stakeholders.
- Experience with IT service management frameworks, such as ITIL, is desirable.
Qualifications
Applicants should have either:
- A relevant degree or CISM accreditation with subsequent relevant experience in cybersecurity or a related field; or
- A combination of relevant experience in cybersecurity operations, technical security, systems administration and risk management.
- Security certification(s) such as Security+, CISSP, and ISO 27001 Lead Implementer.
Other information
- The position is fixed-term and full-time.
- Standard office hours are Monday to Friday.
- Flexible working hours and work-from-home arrangements may be available, subject to negotiation and approval.
- Some travel may be required.
- Some out-of-hours work may be required from time to time.
How to apply
Please submit your resume and a brief cover letter outlining your relevant cybersecurity experience, including experience with SOC findings, incident response, AWS Cloud, security tools, risk assessments and stakeholder communication.
Australian Access Federation
The Australian Access Federation (AAF) is transforming Australia’s research, teaching, and learning communities by delivering innovative technology solutions and policy, that provide secure access to digital resources and infrastructure, across the entire ecosystem.
Established in 2009, the AAF is Australia’s identity federation and part of a global network of over 80 federations around the world. We are a vital part of the Australian eResearch infrastructure landscape enabling safe and secure exchange of information between education and research institutions both locally and internationally.
We enable secure connection and collaboration, between education and research institutions, by providing access to over 990 national and international services that support teaching, learning and research.
As experts in trust and identity, the national identity Federation we operate enables over 10.9M authentications annually. We are continuing to invest in the technological capability of the Federation and our cloud hosted platform now connects more than 80% of our subscribers.
The Federation is a combination of technology and policy, which offers a trust framework. It provides subscribers with a national single sign-on that allows individuals across many different organisations to collaborate and access online resources within a trusted environment.
By logging in via the AAF, end users can access a variety of services including file transfer, data storage, compute, collaboration tools and portals, scientific instrumentation, administrative systems, scholarly resources and teaching, learning and research resources.
© 2026 - Philled Pty Ltd. All rights reserved.
We acknowledge the Traditional Owners of the land where we work and live. We pay our respects to Elders past, present and emerging and celebrate the stories, culture and traditions of Aboriginal and Torres Strait Islander Elders of all communities who also work and live on this land.