Cyber Risk Advisor

Perth, WA, AU


Welcome to Fortescue. We're a global green energy and metals company.

View company page

About Us


Fortescue is both a proud West Australian company and a global green solutions business. We are recognised for our culture, innovation and industry-leading development of infrastructure, mining assets and green energy initiatives.

Our Opportunity

Work Location:  Perth.  Perth, Western Australia.  Fortescue’s Perth office is located on the traditional lands of the Whadjuk people.


Roster:  Monday to Friday 


The Cyber Security team is responsible for leading Fortescue's efforts to be a cyber resilient, safe and trusted organisation, by effectively managing risk across all assets enabled through technology (informational, industrial and operational)


Reporting to the Superintendent of Cyber Risk Advisory, the role will be responsible for protecting Fortescue’s information technology (IT) and operational technology (OT) environment through compliance with all applicable configuration standards and best practice frameworks for any cyber risk assessment and assurance activities, performing Threat Assessments and Modelling activities, cyber security reviews, development of Security patterns and assisting with incident response activities

Key Responsibilities


  • Carries out cyber security risk management activities within a specific function, technical area, or project of medium complexity.
  • Identifies cyber risks and vulnerabilities, assesses their impact and probability, develops mitigation strategies and reports to the business.
  • Involves specialists and domain experts as necessary.
  • Maintains documentation of risks, threats, vulnerabilities, and mitigation actions.
  • Advises on Fortescue’s approach to cyber risk management related to corporate and/or Operation Technology domains.
  • Identifies typical risk indicators and explains prevention measures.
  • Identifies risk mitigation measures required in addition to the standard organisation or domain measures.
  • Develop security patterns for key technologies based on threat modelling.
  • Reviews and performs cyber risk assessments and risk treatment plans. Identifies typical risk indicators and explains prevention measures.

Qualifications and Experience


  • Degree / Diploma / Certificate in Information Technology, Computer Science, Electrical Engineering, mechatronics, or a related discipline.
  • General or specific Cyber Security certifications e.g. CCNA, CISSP, GSEC, GRID, GICSP, OSCP CEH, CISM etc.;
  • Degree / Diploma / Certificate in information systems management, business administration, or a related discipline would be beneficial.
  • Independent judgement and strong decision-making capabilities;
  • An ability to communicate complex and technical issues to diverse audiences at all levels;
  • An understanding of organizational mission, values, and goals and consistent application of this knowledge;
  • Ability to react to high pressure dynamic changing environments;
  • Ability to effectively work independently or as part of a team.

Our Commitment


Fortescue is deeply committed to providing a safe culture that builds respect, fosters inclusiveness, and values diversity. We celebrate individual strengths and team members from all backgrounds are encouraged to bring their whole selves to work. Our global workforce drives and promotes an inclusive culture, both within our organisation and throughout the communities we interact with across the world. Diverse backgrounds include First Nations Peoples, people with differing abilities, LGBTIQ+ community, gender, neurodiverse, cultural diversity, all age groups, and those with an intersectional or multiple diverse characteristics. We encourage candidates from all backgrounds to apply. 


Internal Candidates / Current Contractors please apply via Success Factors Careers Portal. For further information on how to apply please visit the Fortescue Hub. 


Fortescue reserves the right to close applications early should a suitable pool of candidates be identified. Fortescue will never contact you to ask for payment of any kind, whether directly or through a third party.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰>

Job stats:  6  0  0
Category: Compliance Jobs

Tags: CEH CISM CISSP Compliance Computer Science GICSP GSEC Incident response Industrial OSCP Risk assessment Risk management Vulnerabilities

Region: Asia/Pacific
Country: Australia

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.