- This is a hands-on operational role, requiring close collaboration with the Operations team ITSA.
- Maintain and manage the department's vulnerability scanning tool and develop/improve monitoring dashboards for various reporting needs.
- Actively participate in the department's security improvement program, including enhancing maturity against Essential 8 criteria and assisting with periodic gap analyses.
- Liaise with external vendors conducting security assessments or penetration testing.
- Conduct ICT vulnerability assessments, mitigate threats, remediate vulnerabilities, escalate issues, and follow through to completion.
- Collaborate with relevant teams to ensure and monitor security for systems, applying ACSC's Essential Eight principles.
- Respond to and investigate sensitive/complex cyber security incidents.
- Assist the ITSA in managing incidents with potential data or privacy breaches.
- Support the ITSA in developing solutions to address business security challenges.
- Resolve/advise/escalate ICT security issues via the service center tool as part of routine operations.
- Work with the ITSA and CISO to define and document appropriate security policies for the department's environment.
Location of Work: Australian Capital Territory
Length of Contract: Initial 6 months with possible extensions
Security Clearance: Must have current baseline clearance
Selection Criteria:
Essential:
- Minimum 3 years' hands-on technical experience supporting cyber security operations for medium-sized government or private organizations.
- Experience managing and maintaining SIEM tools (Splunk, Azure Sentinel) and vulnerability management tools (Tenable Nessus).
- Knowledge of PSPF, ISM, Essential 8 maturity model, and their effective interpretation and application.
- Understanding of cloud solutions (SaaS, PaaS, etc.) and how security applies to architecture patterns.
- Relevant industry certifications.
- Experience managing and securing Wintel and Linux platforms (vulnerability management, hardening, patching). Knowledge/experience with Microsoft 365, Azure Security Centre, Azure or AWS, and relevant security best practices on these platforms.
- Knowledge and understanding of cryptography and its practical application in a heterogeneous environment (predominantly Wintel and Linux).