Your team manages the Cyber Risk management strategy, security policy, reports on cyber security risk and compliance, audits and assurance About us
Canberra Consulting focuses on delivering highly skilled and qualified professionals to our clients. Canberra Consulting has the experience and the capability to understand your specific requirements and match them to the right environment, ensuring professional satisfaction and ongoing development opportunities. Our focus is ensuring that both you and our client are a good match and that we give you every opportunity to succeed.
The Opportunity
Our client has a number of specialised cyber roles across the CRSB that require advanced skills for Cyber Risk Analysis and the current workforce does not possess the necessary knowledge and skills to successfully perform the range of tasks required.
All candidates applying for this position must be an Australian Citizen and have a current Baseline security clearance.
Key responsibilities include:
- Identifying, testing and assessing applicable security controls in line with the Australian Government Information Security Manual and agency policies and guidelines
- Managing security documentation; certification of ICT systems, system risk assessments of the implementation and effectiveness of security controls within ICT systems, platforms and environments to determine suitability to operate
- Analysing and documenting security risk and recommending treatments and modifications to security practices and procedures using expertise and technical knowledge
- Contributing to the system authorisation program of work, system projects and programs, including the Cyber Hardening and Resilience Program by developing or reviewing security artefacts, including Threat and Risk Assessments and System Security Plans
- Providing a centralised risk/treatment tracking; operational and strategic risk reporting; system audit plans and reports to drive risk reduction activities
- Demonstrated high level knowledge of Australian Government security practices and requirements in line with the Australian Government Information Security Manual and agency policies and guidelines
- Demonstrated security experience within complex ICT environments including an understanding of global Cyber Security trends, attack vectors and techniques
- Extensive experience with risk and information security frameworks, policies and standards, including the Federal Government PSPF and ISM, and international standards (ISO 27001/2)
- Demonstrated working experience in security threat and risk assessment and development of security accreditation artefacts
- Proven ability to deliver to tight timeframes with a demonstrated track record of successful delivery outcomes