Security Risk and Reporting Analyst

@ Medibank

Overview

At Medibank, we are creating a healthier future by enhancing our digital capabilities to deliver better health outcomes. The Security Risk and Reporting Analyst plays a critical role in managing security issues enterprise-wide and providing actionable reporting to drive informed decisions.

Role Description

In this initial 6-month contract role (paying $800-$900 per day including Super), you will be part of a high-performing Security Governance Team. This role is remote across VIC, NSW, QLD, and ACT. Your responsibilities include:

• Tracking and managing security issues on the GRC platform
• Delivering clear, actionable reports on risk and controls
• Identifying trends for proactive risk management
• Ensuring accuracy in security registers and trackers
• Supporting security testing activities
• Collaborating with internal teams and compliance stakeholders
• Enhancing and automating reporting processes
• Developing standard reporting procedures

What You’ll Bring

You should have 5+ years in cybersecurity, risk management, or compliance. A deep understanding of regulatory frameworks such as APRA CPS 234, NIST CSF, ISO 27001, PCI DSS, and Essential Eight is essential. Proficiency in GRC platforms and data visualization tools like Power BI or Tableau is required. Excellent communication, analytical, and organizational skills are necessary, and relevant certifications (e.g., ISACA, CISSP) are highly desirable.

Key skills/competency

Cybersecurity, Risk management, Compliance, GRC, Reporting, Data visualization, Regulatory frameworks, Analytical skills, Communication, Automation