Job Description
We strive to create a collaborative environment where innovation thrives and our team members can grow professionally.
The Opportunity
* Work closely with technical experts, solution architects and engineers to identify, prioritize and implement cybersecurity measures that minimize vulnerabilities and enhance resilience.
* Evaluate system and product designs to ensure alignment with industry standards and security frameworks such as the Protective Security Policy Framework (PSFP) and Information Security Manual (ISM).
* Contribute to the development of security policies, procedures and audits to achieve and maintain system authorization.
* Perform threat and risk assessments as part of a cybersecurity maturation process, analyze critical system resources and attack surfaces, identify and prioritize mitigations, and recommend implementation approaches to the program.
* Assess cyber risks associated with engineering changes to system authorization baselines and collaborate with Engineering Integrated Product Teams (IPTs) to plan, design and implement required mitigations.
* Provide inputs for planning, scheduling and risk management activities related to cybersecurity across the Program.
* Evaluate process effectiveness and identify areas for improvement.
To succeed in this role, you will need:
* A tertiary degree qualification in an engineering or related technical field.
* A systems engineering background with extensive experience in security and industry standards.
* Demonstrated experience in applying relevant engineering practices, standards and regulations throughout the engineering development lifecycle.
* Experience implementing Secure Development and Operations (SecDevOps) systems and processes to ensure secure Software Development Life Cycle (SDLC) and Continuous Integration/Continuous Deployment (CI/CD) environments.
* Experience with Australian government (Defence) system authorization processes and developing associated authorization document packs.
* Strong written and verbal communication skills to clearly articulate complex security concepts to diverse audiences.
Candidates must be able to obtain a Negative Vetting level 1 clearance.