AddressLocation: Sydney, Melbourne, Canberra, Brisbane, Adelaide, Perth, (Onsite or Remote)
The Technology Security team plays a pivotal role in our Cyber Security daily operations, ensuring that we create and maintain a secure cyber environment.
The Cyber Security expert s a technology expert who will deliver positive Cyber Security outcomes within AFSA that strengthen the organisation's Cyber Security posture.
You will be responsible for the design, building, implementation and operations of Cyber Security Operations including threat management and response, vulnerability management, identity and access management. You will work to understand the security requirements and identify how the cybersecurity technologies can be designed to enable secure and compliant solutions.
You will look broadly across the Cyber Security threat landscape and work with industry partners to provide solutions and guidance on how best to secure our information assets. You will collaborate with Technology Services to maintain a high Cyber Security posture and manage cyber risk.
Additionally, you will remain forward-thinking, keeping a watchful eye on emerging technological trends to ensure the organisation remains innovative and knowledgeable about current risks and threats within the cyber sphere.
Accountabilities
- Design, implement, and manage Cyber Security solutions outlined in the AFSA’s Strategic Technology Roadmap to progressively strengthen our Cyber Security posture. Ensure governance and compliance through application of the PSPF, ISM, Essential 8, through collaboration with ACSC, DTA, ANAO
- Coordinate operations to monitor security for systems, vulnerability management, perimeter services and event logging.
- Ensure the accuracy and implementation of safety and security policies and standard operating procedures (SOPs).
- Conduct regular security assessments and audits to identify vulnerabilities and ensure compliance with industry standards.
- Monitor and respond to security incidents, performing root cause analysis and implementing corrective actions.
Technology Accountabilities include:
- Intrusion Detection / Intrusion Prevention
- Security Incident and Event Management
- Perimeter Services, Firewall, Web Security Appliances
- Vulnerability Management
- Identify and Access Management
Core skills and capabilities
- Applies digital dexterity Demonstrates commitment to explore, learn and adopt new technologies and ways of working, to achieve better business outcomes.
- Displays a growth mindset.
- Communicates simply and clearly Communicates clearly in plain English, without using jargon.
- Demonstrates and ability to convey a message succinctly and with empathy, regardless of the medium (written, verbal, digital).
- Understands the target audience, and tailors’ message in a way that appeals to them.
- Engages people to build productive working relationships Acts with honesty, integrity and respect in dealings with others.
- Is willing and able to understand others’ perspectives.
- Sets and manages expectations to achieve positive outcomes.
- Fosters a service culture
- Keeps people at the centre of thinking, decisions and actions, including internal systems and processes. Demonstrates empathy, and curiosity and listens deeply to understand a person’s context, challenges and needs.
- Keep one’s word and follow through on promises or commitments made.
- Shapes strategic direction Has a macro view and looks beyond the boundaries of own responsibilities to the team, and industry and the broader community.
- Represents and advocates the agency’s position in a professional and specialist context.
- Keeps the end user in mind to shape program outcomes to meet needs.
- Uses information to make evidence-based decisions Researches, identifies and integrates relevant evidence towards finding solutions to the problem.
- Provides unbiased, comprehensive and accurate advice to others.
- Uses past experience and organisational/environmental awareness to analyse what information is important and how it should be used in the decision-making process.
- Working with ambiguity
- Demonstrates proactivity, emotional intelligence and self-direction in the face of uncertainty, change or new situations.
- Chooses a course of action or decision without having the total picture.
- Tertiary qualifications in Cyber Security, Information Technology or relevant industry certifications/experience (CISM, CISSP, CISA)
- 4+ years' experience in the field of Cyber Security
- Experience securing a range of enterprise-grade technologies, including cloud solutions.
