IT Security Analyst
- Role located in Sydney
- Applications close on 15th January
- Commence in February 2021 (1/2/2021)
- 12-month contract with 2×12-month extension options at the client's discretion
- An NV1 security clearance, or the ability to obtain one, is required for this role
An IT Security Analyst is required to manage security measures to ensure:
- IT systems are protected against unauthorised access or compromise; and
- Information in electronic form is stored, processed and/or communicated in accordance with the law, Australian Government policies, and the information security requirements prescribed by the Entity’s Security policies and frameworks.
You will provide technical/professional advice to the CISO; assist in developing and updating IT security documentation; assist in preparing reports for internal and external stakeholders; and conduct reviews and investigations as appropriate.
Under broad direction, you will be responsible for the following:
- Assist the CISO in activities required of the Entity’s IT Security Adviser as defined in the Protective Security Governance Guidelines;
- Provide expert security advice to the CISO and CIO;
- Develop quality IT security policies, plans and procedures;
- Assess the Entity’s cyber security risk and provide advice on how to mitigate identified risks;
- Provide technical guidance to IT staff and contractors on appropriate mechanisms and technologies for implementing controls;
- Act as the co-ordination point for IT security incidents;
- Responsibility for auditing functions, systems, and procedures:
  - Reporting on compliance with the PSPF,
  - Ensure new and existing systems undergo Security Assessments and Threat Risk Analyses,
  - Co-ordinate routine penetration and other IT security audits,
  - Maintain the IT Security Risk Register;
- Track and report on status of implementation of new or modified IT Security controls.
To be considered for this role you should have:
- Demonstrated ability to work collaboratively and co-operatively with staff and their managers across IT to ensure that projects are completed and procedures adhered to;
- Demonstrated ability to provide high level security advice to clients during the development and implementation of new applications;
- Experience working in geographically dispersed organisations is essential;
- Relevant industry qualifications in IT security such as ITILV3 and at least one of the CISSP, CISM or CISA qualifications.
- A highly developed knowledge of the Australian Government Information Security Manual and Protective Security Policy Framework and current and emerging IT security technologies.
- Demonstrated ability to provide expert security advice, develop quality IT security policies, plans and procedures.
- Ability to work in a team environment delivering a high level of customer service, with the ability to build strong working relationships and trust with clients, stakeholders and senior management.
- Demonstrated high level of communication skills with effective presentation and representation skills.
- Highly developed knowledge of risk management principles and practices and project management skills.
- Demonstrated knowledge of and commitment to the APS Code of Conduct and Values, the principles and practices of workplace diversity, work health and safety, and workplace consultation, and an ability to manage, promote and apply them in the workplace.