Job from partnerDescription
About Energy One
Energy One is a publicly listed leader in energy trading software, with over 15 years of experience delivering mission-critical services to wholesale energy, environmental, and carbon trading markets. We are the largest provider of 24/7 operational energy services in Australia and the second largest in Europe.
Our technology supports a wide range of clients - from agile start-ups to major global energy enterprises, helping them navigate a fast-evolving industry shaped by climate goals, renewable energy integration, and market volatility.
The Role
The Senior Cybersecurity Officer will strengthen Energy One’s security posture and safeguard our digital assets. You will bring a strong background in application and infrastructure security, penetration testing, and hands-on expertise with modern security tools. You will play a key role in identifying vulnerabilities, managing risks, and ensuring compliance with industry standards.
Reporting to the Group CISO, the Senior Cybersecurity Officer will deliver across the business, with a strong focus on Australian operations and application security. You will own the day-to-day security oversight, risk management, and security process execution, ensuring controls are implemented effectively and security issues (incidents, vulnerabilities, audit findings) are identified, prioritised, and driven to closure in partnership with IT, Engineering, Product, and vendors.
Requirements
- 5+ years in information/cyber security operations, GRC, and/or security service delivery;
- Strong stakeholder management and written reporting skills;
- Hands-on, pragmatic risk/issue management and incident/vulnerability coordination;
- Familiarity with ISO 27001/ISMS evidence and audit practices;
- Working knowledge of common security controls (identity and access management, vulnerability management, endpoint/network security, logging/monitoring);
- Application security experience including secure SDLC, threat modelling, and coordinating remediation of SAST/DAST/SCA and penetration test findings.
- Ability to partner effectively with software engineers and product teams, translate security requirements into actionable work, and collaborate with global teams.
