The Associate Security Specialist is expected to have an understanding of ICT security policy in government. The Associate Security Specialist is responsible for undertaking technically complex work, under the guidance and mentorship from senior security analysts utilising their expertise in IT security analysis and compliance assessment. The Associate Security Specialist will be responsible for documenting the risks and security controls for current-state and target-state solutions that help drive the modernisation agenda of the client. This role will work closely with enterprise architects, business analysts, procurement specialists, ICT, and vendors to shape and inform the direction of modernisation activities. The Associate Security Specialist will be expected to develop a firm understanding of the client risk appetite, as such the ability to identify, shape and describe opportunities and risks within the context of business outcomes and business problems will be essential.
- Determination as to whether Australian Government PSPF and ISM controls are applicable to the assessment scope. Assessment of the level of readiness and effectiveness of applicable controls and documenting comments and evidence for each control.
- Review of the Statement of Applicability for solutions within the scope of the program.
- Review of Security Risk Management Plans including the documentation of implemented security controls.
- Review of System Security Plans including the documentation of information security threats, vulnerabilities and risks.
- Development and/or review of Incident Response Plans including the documentation of information security threats, vulnerabilities and risks.
- The development and/or review of technical security documentation to support procurement.
- Undertake compliance assessments of proposed designs and/or technology solutions to ensure alignment with the Program architecture principles and standards.
- Provide analysis and judgement on complex issues and make significant contribution to the management, preparation and coordination of Program deliverables.
To be successful in the position, you will possess:
- Demonstrated Experience working in a security role inside complex and large-scale ICT projects/programs.
- Knowledge and experience in undertaking ICT security compliance and risk assessments security documentation for both current-state and target-state.
- Working knowledge of Federal Government security policy.
- Relevant tertiary qualifications in ICT or a related field.
- Professional certifications in ICT security.
- Demonstrated knowledge of Commonwealth frameworks, including ICT frameworks.
Apply now for immediate consideration - contact Priya Kuncham 02 6245 1730 quoting Job Reference: 212205