Experience:
- SCTY - The management of, and provision of expert advice on, the selection, design,
justification, implementation and operation of information security controls and
management strategies to maintain the confidentiality, integrity, availability, accountability
and relevant compliance of information systems.
- Applies and maintains specific security controls as required by organisational policy and local
risk assessments to maintain confidentiality, integrity and availability of business
information systems and to enhance resilience to unauthorised access. Recognises when an
IT network/system has been attacked, and takes immediate action to limit damage.
- Determines when security issues should be escalated to a higher level. Demonstrates
effective communication of security issues to business managers andothers. Performs basic
risk assessments for small informationsystems.
- Conducts security risk assessments for defined businessapplications or IT installations in
defined areas, and provides advice and guidance on the application and operation of
elementary physical, procedural and technical security controls (e.g. the key controlsdefined
in ISO27001).
- Performs risk assessment, and business impact analysis for medium size information
systems. Investigates suspected attacks and recommends remedial action
Responsibilities:
- Application of pattern and engine updates performed in a timely manner in accordance with
documented release procedures to provide a high level of protection of the DRN and DSN
against viruses.
- Advise the appropriate parties when patches or updated vendor applications become
available and assist with an upgrade when requested or practical.
- Alerts and alarms are analysed, classified and actioned in accordance with Defence IT
Security guidelines.
- Ensure that correct routing information, backups, file review and archiving, database purging and other routine housekeeping activities are performed.
- Changes to configuration of devices and servers, including the tuning of false positives, are
undertaken in accordance with change control, release and configuration management guidance.
- Monitor network data streams and event log data to ensure that Intrusion attempts are
detectedinvestigated and prevented.
- Monitor network data streams and eventlog data to ensure that gateway operations are
optimised andmaintained and were identified improved
- Perform VulnerabilityManagement to ensure that all vulnerabilities to the network are identified and treated in accordance with set guidelines.
- Ensurethat service availability meets or exceeds Defence serviceavailability guidelines (SLA's).
Apply Now and for more information, please contact Archna Singh on 02 6245 1708 quoting Job Reference: 249375
