Make Your Resume Now

Graduate Cyber GRC Analyst

Ncsaustralia
Australia
Posted June 17, 2026
Full-time Director

Job Overview

Kickstart your cybersecurity career with NCS AU! We are seeking an ambitious Graduate Cyber GRC Analyst to join our forward-thinking, AI-enabled cyber team. This is a structured, capability-building pathway designed to fast-track your practical experience in Governance, Risk, and Compliance (GRC). Mentored by seasoned cyber practitioners, you will develop a rock-solid foundation in information security while learning how to effectively protect our business, our people, and our clients.

In this role, you won't just be learning traditional frameworks; you will be operating at the cutting edge of the industry. We actively encourage the use of approved AI tools (such as Microsoft Copilot) to accelerate policy drafting, streamline threat research, and drive business efficiencies. You will get hands-on, end-to-end exposure to risk management, control uplift, compliance monitoring, and audit readiness against leading industry standards like ISO/IEC 27001 and the ASD Essential Eight.

As a developmental position, we don’t expect you to know everything on day one. Success will be measured by your enthusiasm for learning, your progression through our structured training, the quality of your outputs, and how well you align with NCS AU’s collaborative, value-driven culture. If you are ready to build a modern cyber career with the tech of tomorrow, this is the launchpad you have been looking for.

Governance, Risk & Compliance (GRC)

  • Framework Alignment: Support control validation, audit prep, and documentation for frameworks including ISO/IEC 27001 and ASD Essential Eight.

  • AI Optimization: Leverage approved AI tools (e.g., Microsoft Copilot) to accelerate policy drafting, control mapping, and evidence synthesis.

  • Risk & Reporting: Maintain risk registers, track remediation, and prepare KRI dashboards and compliance reports for cyber leadership.

Risk Assessment & Compliance Monitoring

  • Risk Evaluation: Conduct operational and third-party risk assessments, tracking treatment plans and residual risks.

  • Continuous Monitoring: Monitor compliance against regulatory, contractual, and internal security frameworks (including PSPF).

  • Gap Analysis: Utilize AI-assisted research to monitor the threat landscape, identify non-compliance, and support remediation planning.

Third-Party Risk Management (TPRM)

  • Vendor Due Diligence: Evaluate vendor security postures, manage questionnaires, and maintain the vendor risk register.

  • AI Risk Governance: Assess AI-related risks in third-party products (e.g., data residency, training data governance).

  • Customer Assurance: Support responses for tenders and customer-facing security assessments.

Security Awareness & Culture Uplift

  • Culture Champion: Promote a strong security culture and deliver engaging awareness materials, inductions, and user guidance.

  • AI Literacy: Develop specific awareness content regarding the acceptable, responsible use of AI tools and data handling.

  • Continuous Improvement: Identify opportunities to optimize GRC workflows and actively contribute to the broader cyber team's maturity.

Ready to Apply?

Take the next step in your career journey

Apply Show More Jobs

Stand out with a professional resume tailored for this role

Build Your Resume – It’s Free!