Senior Cybersecurity Officer
Indexed description
Energy One is a publicly listed leader in energy trading software, with over 15 years of experience delivering mission-critical services to wholesale energy, environmental, and carbon trading markets. We are the largest provider of 24/7 operational energy services in Australia and the second largest in Europe.
Our technology supports a wide range of clients - from agile start-ups to major global energy enterprises, helping them navigate a fast-evolving industry shaped by climate goals, renewable energy integration, and market volatility.
The Role
The Senior Cybersecurity Officer will strengthen Energy One’s security posture and safeguard our digital assets. You will bring a strong background in application and infrastructure security, penetration testing, and hands-on expertise with modern security tools. You will play a key role in identifying vulnerabilities, managing risks, and ensuring compliance with industry standards.
Reporting to the Group CISO, the Senior Cybersecurity Officer will deliver across the business, with a strong focus on Australian operations and application security. You will own the day-to-day security oversight, risk management, and security process execution, ensuring controls are implemented effectively and security issues (incidents, vulnerabilities, audit findings) are identified, prioritised, and driven to closure in partnership with IT, Engineering, Product, and vendors.
The Skills and Experience you bring
- 5+ years in information/cyber security operations, GRC, and/or security service delivery;
- Strong stakeholder management and written reporting skills;
- Hands-on, pragmatic risk/issue management and incident/vulnerability coordination;
- Familiarity with ISO 27001/ISMS evidence and audit practices;
- Working knowledge of common security controls (identity and access management, vulnerability management, endpoint/network security, logging/monitoring);
- Application security experience including secure SDLC, threat modelling, and coordinating remediation of SAST/DAST/SCA and penetration test findings.
- Ability to partner effectively with software engineers and product teams, translate security requirements into actionable work, and collaborate with global teams.
- Understand and support developers in an application security context;
- Coordinate the response to security events and vulnerabilities (including MDR escalations) and track remediation to closure;
- Maintain and improve security controls and baselines;
- Support the ISMS by maintaining policies/standards, collecting evidence, and preparing for internal/external audits;
- Perform risk assessments and maintain security risk/issue registers;
- Produce clear status reporting and run operational governance cadence with regional stakeholders;
- Support access reviews, exception handling, and change control;
- Partner with the engineering and product teams to uplift application security by embedding secure SDLC practices (security requirements, threat modelling, design reviews), support penetration testing activities, oversight over security tooling (e.g., SAST/DAST/SCA/secret scanning as applicable), and triage/remediate application findings with agreed SLAs.
- Flexible hybrid work environment
- Modern office environment
- Work with diverse and inclusive teams
- Energy promotes career growth and professional development
- Be part of a growing global business with exciting prospects
Join us to lead cutting-edge security initiatives by assessing vulnerabilities, implementing best practices, and collaborating across teams to safeguard applications, infrastructure, and networks.
Apply now, with your resume and tailored cover letter and help us power the future of energy.
Energy One is committed to diversity, inclusion, and equal opportunity. We welcome applications from people of all backgrounds.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search