Cyber Security Analyst

Ebix is seeking an experienced Information Security & Compliance Analyst to support and strengthen our information security program. In this role, you will help ensure compliance with regulatory requirements such as ISO 27001, APRA CPS 234, and SOC 2, while working closely with internal teams and external partners to manage risks, support audits, and promote secure practices across the organisation.

This is a great opportunity to work in a dynamic, collaborative environment with exposure to both local and global security initiatives.

Benefits

At Ebix, we value our people and are committed to supporting your success. As part of our team, you’ll enjoy:

Competitive salary with salary packaging options

20 days annual leave per year (pro-rata)

10 days personal/carer’s leave per year

Paid parental leave in line with statutory entitlements

Task & responsibilities

• Develop and implement local information security policies and procedures in alignment with ISO 27001 and APRA CPS 234 requirements
• Maintain compliance with regulatory obligations and internal risk frameworks across cloud-hosted and on-premises environments
• Respond to security and compliance questionnaires from external stakeholders and business partners
• Support internal and external audits by providing evidence of security controls, policies, and risk mitigation activities
• Identify, assess, and manage vulnerabilities across infrastructure and applications, and coordinate remediation with relevant teams
• Monitor security events and alerts through SIEM tools and escalate incidents in accordance with the incident response plan
• Coordinate patch management activities, including customer notification and internal tracking of critical updates
• Manage cybersecurity awareness training for staff and ensure ongoing compliance with internal security training policies
• Collaborate with the corporate security team to align local practices with global security standards and strategic objectives
• Engage with external security vendors and service providers to ensure third-party compliance with contractual and regulatory requirements
• Work with internal development and support teams to implement secure coding  practices and integrate security into the software development lifecycle (SDLC)
• Apply knowledge of ISO 27001, NIST Cybersecurity Framework, and SOC 2 requirements to strengthen security posture and governance

Qualification & experience

• Tertiary qualifications in an Information Technology related discipline preferred
•  Minimum 3 years of professional experience in information security, compliance, and risk management.