Associate Cyber Security Advisor

• Engage early with projects to ensure secure-by-design principles are embedded and risks are managed in accordance with Woodside’s risk management processes
• Provide guidance to new technology initiatives, ensuring threats and risks are understood, security patterns are applied, and gaps are identified and transparently managed
• Champion cyber security to inform and influence service line managers and stakeholders to understand, own and manage cyber threats applicable to their platforms
• Support delivery and continuous improvement of global Cyber Risk and Compliance capabilities (People, Process, and Technology)
• Apply Woodside’s Engineering Standard for Information Security (and other relevant standards) to system architecture and design
• Drive continuous improvement including adoption of new technical solutions to security challenges and achieve operational efficacy and efficiency
• Contribute to the ongoing development of standards, processes, patterns and guidelines that uplift the organisation’s security posture
• Provide quality assurance and advice on security designs, patterns, and technology decisions
• Contribute to developing a cyber security team that is seen as experts in meeting the mission of protecting Woodside’s people, brand and reputation

• Relevant Cyber Security or Computer Science tertiary degree (or equivalent qualification)
• 4-6 years+ combined experience in cyber security, solution architecture, systems engineering, or related cyber security roles
• Strong written and verbal communication skills
• Ability to collaborate effectively with engineers, project teams, business stakeholders, and senior architects
• Strong requirements-gathering skills
• Foundational understanding of industry cyber security frameworks such as ISO 27001 and NIST CSF
• Foundational understanding of key security concepts such as Zero Trust, RBAC, least privilege, network segmentation, and secure egress principles
• Exposure to security architecture activities such as requirements analysis, design reviews, threat modelling, and participating in secure-by-design processes, IT change management, and design governance processes
• Experience working with enterprise security tools and platforms, such as Microsoft E5 security capabilities (Defender, Purview, Intune, Conditional Access) and Identity & Access Management tools (Entra ID/Azure AD, Saviynt, Zscaler)

Industry recognised certifications relevant to cyber security, architecture, governance risk and compliance, audit, etc. (SABSA, TOGAF, CISSP, CCSP, CISM, CISA, Microsoft/AWS cloud certifications)

• Commitment to your ongoing development, including on the job opportunities and formal programs
• Inclusive parental leave entitlements for both parents
• Values led culture
• Flexible work options
• Generous annual leave, sick leave and casual leave
• Cultural and religious leave with flexible public holiday opportunities
• A competitive remuneration package featuring performance based incentives with uncapped Employer Provident Fund