Cyber Threat Exposure Management - NV1

Location Canberra
Salary AU$150000.00 - AU$180000.00 per annum
Job type Permanent
Discipline Cyber Security
Reference BBBH3759_1769735050

Role Title
Cyber Threat Exposure Management (CTEM) Analyst


Location
Canberra, ACT


Working Arrangement
Hybrid or on-site (as required by project needs)


Clearance Required
NV1 or higher


Company Overview
Australian owned systems integrator and IT consulting firm that delivers secure digital transformation outcomes for government and private industry through expert people, strong partnerships, and modern technologies.

Job Description
We are seeking a Cyber Threat Exposure Management (CTEM) Analyst to join a growing cybersecurity team. The successful candidate will play a key role in reducing real-world cyber risk by identifying, confirming, and assessing exposures across infrastructure, cloud, identity, endpoints, and applications. This role will work closely with Security Operations, Vulnerability Management, Cloud/Infrastructure, and Application teams to ensure exposures are resolved effectively, focusing on business risk and exploitability rather than tool-generated severity ratings.

Duties and Responsibilities

  • Identifycyber exposures across enterprise environments, including:
    • vulnerabilities, missing patches, and insecure configurations
    • identity and access risks such as excessive privilege and MFA gaps
    • cloud security posture issues
    • external attack surface exposures where relevant
  • Assess and validate identified findings to understand their practical impact, exploitability, and relevance to potential attack paths.
  • Consolidate and analyse data from multiple security tools (vulnerability scanners, SIEM, EDR, CSPM, IAM) to reduce noise and surface genuine exposures.
  • Prioritise risks by considering asset criticality, likelihood of exposure, existing control gaps, and relevant threat intelligence.
  • Develop clear remediation guidance and provide verification steps for technical teams to action and validate fixes.
  • Raise, manage, and track remediation activities through ITSM workflows (e.g., ServiceNow, Jira), monitoring progress through to completion.
  • Verify the effectiveness of remediation activities and maintain evidence demonstrating that exposures have been addressed.
  • Contribute to CTEM reporting by capturing metrics such as exposure trends, remediation timeframes, and outstanding issues.

Knowledge/Skills Required

  • Experience in cyber security operations, vulnerability management, or security analysis
  • Strong technical understanding of enterprise environments, including:
    • Windows and Linux operating systems
    • networking fundamentals such as DNS, routing, firewalls, and segmentation
    • identity, access, and authentication concepts
  • Ability to interpret security findings and translate them into actionable remediation steps
  • Strong investigative and analytical skills
  • High attention to detail and the ability to work through complex technical issues methodically
  • Strong written communication skills for reporting and evidence preparation
  • Desirable experience:
    • exposure management or attack-path analysis
    • CTEM processes including continuous discovery, validation, prioritisation, and exposure reduction
    • use of tools such as Tenable, Rapid7, Qualys, Wiz, Defender for Cloud, Prisma, Microsoft Defender, CrowdStrike, Microsoft Sentinel, or Splunk
    • familiarity with MITRE ATT&CK

Employment Benefits

  • Opportunity to work across Defence and Federal Government environments
  • Access to cutting-edge security tools and exposure management capabilities
  • Support for ongoing professional development and certification pathways
  • Work within a team committed to improving national cyber resilience

Diversity and Inclusion
We value diversity and are committed to creating an inclusive environment for all employees.

Veterans
Defence and Federal Government industry experience is highly desirable. We strongly encourage veterans and individuals with Defence experience to apply. Your unique skills and background are highly valued, and we are committed to supporting your transition into this role.

About Cleared
At Cleared, we provide tailored recruitment solutions to individuals seeking their next opportunity and to organisations searching for talent within Defence Industry, Intelligence and National Security.