Careers

• Be part of a newly created role within a high performing IT team
• Build beyond GRC with hands on exposure to broader cyber security operations and technical domains
• Accelerate your career in a role designed for growth across the full cyber security spectrum
• Enjoy flexible work arrangements and generous leave policies

About us

HWLE is not your typical law firm. Our rapid rise to become the largest legal partnership in Australia shows that in our case, the differences are real. We deliver first class legal advice to our government and commercial clients in every state and territory across Australia. Firm wide, we have over 270 Partners and 1900 people.

The opportunity

We are looking for a Cyber Security Analyst to support day to day governance, risk and compliance activities. The role is responsible for assessing and monitoring the adequacy and effectiveness of information security and IT controls, tracking compliance obligations, and supporting the Firm's ongoing ISO 27001 certification, Essential Eight and SOC 2 assurance.

While the role is grounded in traditional Governance, Risk, and Compliance (GRC) disciplines, it offers genuine opportunities to develop hands‑on technical cyber security skills and broaden into operational security domains. This makes it an ideal position for a governance‑focused professional who is looking to grow their career across the full spectrum of cyber security

You'll be busy with

• Support information security governance, risk, and compliance activities, including ISO 27001, Essential Eight maturity, internal audits, and external assurance activities
• Responding to client security questionnaires, tenders and controls evidence.
• Assist with day‑to‑day security incident and support ticket review, actioning and monitoring
• Perform regular controls testing and assessments to evaluate the adequacy and effectiveness of information security and IT controls across the Firm
• Assist with internal and external audit activities, including evidence gathering, gap analysis, and tracking of remediation actions to closure
• Assist with updating the Firm's information security risk register, including tracking of risk treatment plans and control improvement actions
• Assist with information security awareness initiatives and uplift of security knowledge across the Firm

To succeed in this role, you might have

• 4+ years of experience in Cyber Governance, IT Audit or IT Risk Management expertise
• Tertiary qualification in Business, IT, Engineering or equivalent experience.
• Essential CISA, CRISC or equivalent
• Strong understanding of information security risk and controls concepts
• Ability to manage multiple concurrent client assurance requests, prioritise workload, and deliver within agreed timeframes
• Experience supporting audit processes (internal or external), including evidence gathering, issue tracking, and remediation follow‑up
• Foundational understanding of core cyber security domains
• Strong oral and written communication skills to collaborate effectively with employees at all levels of the organisation
• Attention to detail and accuracy when compiling evidence packs, supporting documentation, and client‑facing artefact
• Demonstrates a strong work ethic, enthusiasm, and a positive attitude, while maintaining a sense of humour

What we offer

• Unrivalled career pathways: Our 180 day career forecasting sessions provide the platform to fast-track your progression.
• Location: Our cutting-edge office is conveniently located in the heart of the Melbourne CBD amidst a fast-pace, high-networking legal community. Enjoy working in a state-of-the-art office environment with access to modern end of trip facilities.
• Great culture and a huge networking platform: Be part of a firm renowned for its friendly and down-to-earth culture. We also have sports clubs, social club and monthly firmwide drinks.
• Impact: Join a firm consistently ranked at the forefront of the Australian legal market, where your work is recognised nationally.

How to apply

To apply, please submit your CV via the 'Apply' function. Applicants must have full working rights in Australia and a valid practising certificate to apply. HWLE also strongly encourages applications from the Aboriginal and/or Torres Strait Islander community.

HWLE strives to create an inclusive environment where our people want and feel comfortable to bring their entire selves to work. Varied perspectives contribute to our collective success so whatever your background, we'd love to hear from you and encourage you to apply. If you have reasonable accessibility requirements that will enable you to participate equitably in our recruitment process, please reach out to Gabrielle Saunders for a confidential discussion.