Role Overview
Security Architects design, review, test and assure the technical environment, solution designs and solution implementations in accordance with current and emerging security best practice. They contribute to the technical architecture and security policies and practices.
Please apply only if you fit the following criteria:
Clearance: This RFQ is for NV2 (minimum) and TSPV (ideal) cleared candidates only.
Location of work: ACT
Working arrangements: Onsite
Key duties and responsibilities
Include but are not limited to:
* Develop security architectures (current, transitional and target) based on agency strategies and plans.
* Inform and validate security requirements for new and existing capabilities; apply requirements traceability to solution designs, implementations and configurations.
* Proactively assess the suitability of solution components against relevant architectures, strategies, policies, standards and practices; identifying issues and proposing options.
* Develop capability gap analysis based on the differences between the current and target state architectures providing guidance on risk management.
* Provide advice and risk-based guidance to support solution implementation including managing security elements of change requests and deviations from specifications.
* Contribute to the approval of designs through architectural, security and stakeholder bodies.
Technical skills
* Degree in Computer Science or other relevant field
* Demonstrated security architecture experience of 3+ years.
About the organisation
Our Client is a statutory agency that defends Australia against global threats and advances national interests through foreign signals intelligence, cyber security and offensive cyber operations as directed by the Australian Government.
Criteria
The buyer has specified that each candidate must provide a response to each criterion listed below. Each response is limited to 3000 characters (white space included).
Essential criteria
1. Information Assurance – Level 5 (SFIA)
Interprets information assurance and security policies and applies these to manage risks. Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines. Plans, organises and conducts information assurance and accreditation of complex domains areas, cross-functional areas, and across the supply chain. Contributes to the development of policies, standards and guidelines.
2. Information Security – Level 5 (SFIA)
Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Contributes to development of information security policy, standards and guidelines. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements. Develops new architectures that mitigate the risks posed by new technologies and business practices.
3. Solution Architecture – Level 4 (SFIA)
Contributes to the development of solution architectures in specific business, infrastructure or functional areas. Identifies and evaluates alternative architectures and the trade-offs in cost, performance and scalability. Determines and documents architecturally significant decisions. Produces specifications of cloud-based or on-premises components, tiers and interfaces, for translation into detailed designs using selected services and products. Supports projects or change initiatives through the preparation of technical plans and application of design principles. Aligns solutions with enterprise and solution architecture standards (including security).
4. Specialist Advice – Level 5 (SFIA)
Provides definitive and expert advice in their specialist area. Actively maintains recognised expert level knowledge in one or more identifiable specialisms. Oversees the provision of specialist advice by others. Consolidates expertise from multiple sources, including third-party experts, to provide coherent advice to further organisational objectives. Supports and promotes the development and sharing of specialist knowledge within the organisation.
5. Systems Design – Level 5 (SFIA)
Designs large or complex systems and undertakes impact analysis on major design options and trade-offs. Ensures that the system design balances functional and non-functional requirements. Reviews systems designs and ensures that appropriate methods, tools and techniques are applied effectively. Makes recommendations and assesses and manages associated risks. Adopts and adapts system design methods, tools and techniques. Contributes to development of system design policies, standards and selection of architecture components.