You MUST hold an NV1 security clearance (Australian Citizen) to be eligible for these roles.
The Cyber Security Analysts will work within the Integrated Cyber Risk Management section to undertake cyber risk assessments of key technology components and systems. A Cyber Risk Analyst is required to meet Protective Security Policy Framework (PSPF) requirements and deliver key system authorisations on behalf of the Agency and Shared Services Partners.
A Cyber Security Analyst is a specialised role that is required to understand cyber security controls protecting Government ICT Systems, processes, and information. A Cyber Security Analyst undertakes system security assessments based on required controls and communicates and develops documentation so informed decisions can be made regarding associated cyber security risks.
Key duties may include, but are not limited to:
- Identify, test and assess applicable security controls in line with the Australian Government PSPF, ISM and agency policies and guidelines.
- Analyse and document security risk and recommend treatments and modifications to security practices and procedures using expertise and technical knowledge.
- Contribute to the system authorisation program of work, system projects and programs, by developing or reviewing security artefacts, including Threat and Risk Assessments and System Security Plans.
- Manage, develop and support complex relationships with stakeholders to achieve work area goals.
- Manage and maintain the agreed service levels.
- Assist with the development and implementation of security policies, procedures, projects, and strategies.
- Continuously work to improve the efficiency and effectiveness of the cyber security service.
- Educate and inform departmental staff to promote understanding and ensure adherence to security policy and processes.
Skills and Experience Required
- Extensive demonstrated experience with risk and information security frameworks, policies, and standards, including the Federal Government Protective Security Policy Framework (PSPF) and Information Security Manual (ISM), and international standards (ISO 27001/2).
- Demonstrated working experience in security threat and risk assessment and development of security authorisation artefacts.
- Demonstrated security experience within complex ICT environments.
- Strong stakeholder management skills, and the ability to communicate security concepts to non-technical audiences both verbally and in writing.
- Understanding of global Cyber Security trends, attack vectors and techniques.
APPLY NOW for our immediate consideration, or you can contact Jerry Belialba on 08 8112 7406 for a confidential chat about the role