Must have Negative Vetting Level 1 Security clearance.
The IRAP / Cyber Security Assessor will be responsible for evaluating and assessing the security frameworks, technologies and practices within Federal departments to identify security gaps and vulnerabilities, conduct risk assessments and identify compliance gaps. The successful candidate will work closely with subject matter experts to create clear and concise technical security documentation, manuals and guides to effectively communicate complex technical information to various stakeholders.
Key duties may include, but are not limited to:
• Conduct comprehensive assessment of Gateway infrastructure to identify vulnerabilities and compliance gaps.
• Evaluate adherence and compliance with GRC framework including PSPF, ISM controls and ACSC Essential 8.
• Coordinate with internal and external stakeholders and advise on security controls and appropriate procedures / policies to maintain and enhance our overall security posture.
• Conduct periodic assessment and maintain agency’s security posture up to the protected classification level.
• Create and maintain technical documentation that supports Infrastructure projects and operations.
• Work with subject matter experts to develop work instructions, fact sheets, procedures, user guides, and quick reference guides.
• Maintain version controls to ensure consistency, compliance, and accuracy of technical documentation and knowledge articles.
• Select, adopt and adapt appropriate process definition and management methods, tools and techniques to deliver technical and business process documentation and specifications.
• Peer and quality review documents
Primary Technologies required for role include:
• Cyber
• IT Infrastructure
Mandatory Criteria
• Demonstrate in-depth experience with evaluating and implementing Cyber Security best practices of the GRC framework, the PSPF, ISM controls, ACS Essential 8, audits, reports and IRAP.
• Demonstrate proficiency with Microsoft Office products including Word, Excel, PowerPoint and Visio, and proven technical writing experience.
Desirable Criteria
• Practical industry experience as a certified IRAP assessor.
• Possess Cyber Security industry recognized certifications such as CISSP, CISA, CISM, GSLC, CRISC and GSNA.
• Demonstrate experience in the design and development of ICT Technical documentation including network/security/cloud/cyber design documentation, network diagrams and technical procedures.
• Well-developed writing skills, with demonstrated ability to write in a clear and concise manner, and to convey information effectively to staff of different levels and with different information requirements.
• Demonstrate design skills including the ability to produce well formatted documents and clear illustrations/diagrams
NOTE: All WFH arrangements will need to be negotiated with the Business area. At a minimum the candidate will be required to attend and undertake their work at a Services Australia office for 3 days per week