The Security Specialist is expected to have a strong understanding of ICT security policy in government, and a background in large and complex projects is essential. The Security Specialist is responsible for undertaking technically complex work, under limited direction, utilising expertise in IT security analysis and compliance assessment. The Security Specialist will be responsible for documenting the risks and security controls for current-state and target-state solutions that help drive the modernisation agenda of the client. This role will work closely with enterprise architects, business analysts, procurement specialists, ICT, and vendors to shape and inform the direction of modernisation activities. The Security Specialist will be expected to develop a firm understanding of the client risk appetite, as such the ability to identify, shape and describe opportunities and risks within the context of business outcomes and business problems will be essential.
- Conducting security architecture reviews for solutions within the scope of the program including the collection of high-level security requirements, assessment of current-state security architecture and proposing target-state security architecture.
- Determination as to whether Australian Government PSPF and ISM controls are applicable to the assessment scope. Assessment of the level of readiness and effectiveness of applicable controls and documenting comments and evidence for each control.
- Development and/or review of the Statement of Applicability for solutions within the scope of the program.
- Development and/or review of Security Risk Management Plans including the documentation of implemented security controls.
- Development and/or review of System Security Plans including the documentation of information security threats, vulnerabilities and risks.
- Development and/or review of Incident Response Plans including the documentation of information security threats, vulnerabilities and risks.
To be successful in the role, you will possess:
- 5+ years of demonstrated Experience working as a Security Specialist inside complex and large-scale ICT projects/programs within Federal Government.
- Expert knowledge and experience in undertaking ICT security compliance and risk assessments Security documentation for both current-state and target-state.
- Proven ability to deliver information security solutions that meet business requirements and align with risk appetite and compliance obligations.
Apply now for immediate consideration - contact Priya Kuncham 02 6245 1730 quoting Job Reference: 212203