To obtain a copy of the Candidate Information Kits for this vacancy, please click on the 'Apply Online' button to the left of this advertisement. The key duties of the position include Employment Opportunity We are looking for a Cyber Security Governance, Risk and Compliance (GRC) Officer to assist in safeguarding the department's systems and critical information. The successful applicant will have significant experience working with Australian Government security regulations and frameworks such as the Protective Security Policy Framework (PSPF), Information Security Manual (ISM), Essential 8 and ASD Blueprint. The successful applicant is expected to be able to effectively provide well informed advice and direction in relation to Cyber Security principals, best practice and architecture practices across the Department to a range of technical and non-technical stakeholders. All work will be in support of the strategic objectives of the department and division. The successful applicant will work within a team structure and will develop plans and processes to manage cyber and information security risks appropriately and effectively whilst ensuring the Department meets its regulatory requirements. The role will focus on the system authorisation of departmental networks, platforms and applications, delivered both on-premise and in the cloud. Officers will work with project teams to enable the successful and secure delivery of systems. Working under the guidance of the department's Information Technology Security Advisor (ITSA), you will liaise with the operations, infrastructure, and cloud teams along with third party providers. Candidates should be energetic and highly motivated with a desire to learn in a dynamic enterprise environment. This is a highly technical role and as such, requires relevant technical experience. The positions will be filled at Executive Level 2 and will suit candidates who have a number of years of hands on technical cyber security experience, demonstrated leadership capabilities, strategic thinking and communicating with influence to a broad stakeholder group. How you can help us make a difference We seek people who bring external ideas, diverse experience, and global perspectives, and are willing to explore innovative ways of working. People who work for us will display leadership at all levels, apply information effectively in order to solve problems, and work collaboratively to achieve outcomes. Our ideal candidate will have: Detailed knowledge of Australian Government standards, such as the Protective Security Policy Framework (PSPF) and the Australian Government Information Security Manual (ISM). Detailed knowledge of the Australian Cyber Security Centres (ACSC) Essential 8 maturity model. Working knowledge of ASDs Blueprint for Secure Cloud or equivalent vendor blueprints. Experience identifying, evaluating, and articulating technical risk in an enterprise environment. Detailed knowledge in the assessment and authorisation of ICT platforms and solutions. A demonstrated track record of performing quality work as part of a team and project. Demonstration of comprehensive knowledge of ICT and Cyber Security technologies and best practices. Experience in similar role within a medium/large size organisation. Desirable: Certification in any of the following: CISSP, Security, CISA, CISM, SABSA, GIAC and SANs. Relevant tertiary qualifications.
