Full-time permanent position
Hybrid work environment
Play a key role shaping insider threat capability at a critical national institution
This role offers the opportunity to contribute to a critical uplift in the RBA’s insider threat capability. You will play a key role in strengthening the Bank’s ability to proactively reduce, detect, investigate and respond to insider threats.
About the team
The Cyber Threat Intelligence Centre brings together Cyber Threat Intelligence and Insider Threat capabilities to deliver intelligence-led defence across the Bank.
This role sits within the Insider Threat team and reports to the Manager, Cyber Threat Intelligence Centre. You will work closely with the Insider Threat Program Lead as part of a specialised team responsible for the prevention, detection, investigation, and response to insider threats. This team operates in a highly collaborative environment, working closely with internal stakeholders and external partners across government, industry and central banks.
Key responsibilities
Conduct complex, end-to-end insider threat investigations, combining behavioural analysis and technical evidence to assess intent, risk, and impact, and produce clear, defensible findings to support proportionate response actions.
Detect and triage insider risk alerts and referrals across enterprise data sources to identify policy breaches, malicious insiders, or compromised accounts.
Design, tune and operate insider threat use cases across insider threat platforms, such as User and Entity Behaviour Analytics (UEBA), Security Information and Event Management (SIEM), Purview Insider Risk Management (IRM), or similar technologies.
Apply threat intelligence, and knowledge of insider tactics, techniques and procedures (TTPs) to develop and refine detection logic and monitoring strategies.
Partner with cyber and technology teams to uplift controls, including data loss prevention, conditional access, insider risk management, and behavioural analytics, to strengthen visibility of high-risk behaviours and sensitive data movement.
Translate technical and behavioural signals into clear, actionable insights and recommendations for business areas, cyber teams, and senior stakeholders.
Contribute to the development and continuous improvement of the insider threat program, including governance, high-risk user monitoring, and awareness initiatives.
Support broader insider threat program objectives, including high-risk user monitoring, secure travel, awareness uplift, and continuous improvement of detection use cases and program governance.
You will represent the RBA at various domestic and international security and insider threat forums, conferences and events, remotely or in person, and contribute to establishing the RBA as a key thought leader and contributor within the space.
Support cross-functional responsibilities or other duties as directed by the Insider Threat Program Lead.
About you
You are a strong insider threat practitioner with proven experience operating in complex environments. You apply a structured, analytical approach to investigations, communicate clearly with stakeholders, and are focused on continuously improving capability and processes.
To be successful in this critical role, you will possess:
At least 3 years' experience in an insider threat or other technical cyber security roles. Alternatively, a minimum of 5 years' experience in an adjacent information technology or protective security discipline.
Strong technical understanding of the threat landscape, including insider threat tactics, techniques and procedures, behavioural indicators, and adversarial tradecraft.
Strong hands-on experience with enterprise detection and monitoring technologies (e.g. SIEM, UEBA, IRM, SOAR), with the ability to design, tune and optimise insider threat use cases and controls. Experience in Microsoft Purview is considered highly desirable.
A broad understanding of general cyber security and information technology topics, principles and regulations relevant to a modern enterprise environment.
Strong written, verbal and presentation skills, with the ability to clearly explain and justify analytical judgments.
A proven ability to build and maintain effective stakeholder relationships.
A proactive mindset, with a focus on improving or automating workflows and processes.
It is desirable that candidates have completed, or are currently undertaking, at least one of the following certifications or related courses:
Tertiary qualification in a relevant field, or equivalent practical experience.
Insider threat-specific training or certifications, such as:
Critical Path to Insider Risk (CPIR)
Certified Insider Threat Program Manager
Broader cyber security or intelligence certifications, such as the Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM).
A security clearance will be necessary for this role, as a result we can only accept applications from Australian Citizens.
Be More
Working for an organisation that truly makes a difference to the people of Australia, we can offer development and career opportunities in a collaborative environment that supports your growth, wellbeing and promotes flexibility. Your individual growth and success drives the RBA forward as an organisation. Be more means you can do more, for yourself and for Australia.
Why RBA?
The RBA makes an important contribution to the Australian economy through the pursuit of national economic policy objectives and associated activities in financial markets and banking. We also issue Australia's banknotes and operate infrastructure critical to the payments system, all of which contribute to the welfare of the Australian people. Made up of specialists across a wide range of fields, our people, values, and culture play a critical role in achieving our objectives. Striving to be Open & Dynamic, we consider and incorporate different perspectives, work across teams and are transparent with each other, whilst delivering quality together effectively and focusing on outcomes by prioritising, testing, learning, and refining as we go. Our people conduct themselves with a high degree of integrity, while striving for excellence in the work they perform and the outcomes they achieve. We encourage intelligent inquiry and we treat one another with respect while promoting the public interest through our efforts. We know it is the growth and success of our people that drives the RBA forward. Come and make a bigger contribution while you build and develop your own skills too, because being more means you can do more, for yourself and for Australia.
The Reserve Bank of Australia is committed to equity, diversity and inclusion through key initiatives. We welcome and encourage applicants from diverse backgrounds to apply, including Aboriginal and Torres Strait Islander peoples, culturally and linguistically diverse background, those living with a disability and from the LGBTQ+ community. We are committed to making the recruitment process fair and equitable for all our candidates.
Application Close :
July 15, 2026.