Provide innovative and best practice Governance, Risk and Compliance (GRC) services, including managing security threat and risk assessment and accreditation activities remediation activities, and creation of accreditation, technical and governance document suites.
Role Responsibilities
- Analyse and document security risk and recommend treatments and modifications to security practices and procedures using expertise and technical knowledge.
- Identify, test and assess applicable security controls in line with the Information Security Manual and agency policies and guidelines.
- Contribute to the system accreditation program of work by developing or reviewing security artefacts, including Threat and Risk Assessments and System Security Plans.
- Assist with the development and implementation of security policies, procedures, projects and strategies.
- Manage, develop and support complex relationships with stakeholders to achieve work area goals.
- Educate and inform departmental staff to promote understanding and ensure adherence to security policy and processes.
Required Skills & Experience
- Extensive demonstrated experience with risk and information security frameworks, policies and standards, including the Federal Government PSPF and ISM, and international standards (ISO 27001/2).
- Demonstrated working experience in security threat and risk assessment and development of security accreditation artefacts.
- Demonstrated security experience within complex ICT environments.
- Strong stakeholder management skills, and the ability to communicate security concepts to non-technical audiences both verbally and in writing.
- Demonstrated GRC experience.
For more information or a confidential discussion, please contact Ben van Loggerenberg on (02) 6268 9703 quoting reference 241754
To apply please click the 'Apply Now' button.
