Job Title: Registered IRAP Assessor
This is a contract role for an experienced Lead Cyber Security Advisor to oversee and manage security requirements and documentation updates in preparation for an upcoming IRAP assessment.
Key Responsibilities:
* Deliver expert cyber security advice and guidance to the Sourcing Platforms team.
* Interpret the platform's current security controls against updated ISM and SSPA controls and identify new controls required for compliance.
* Update and maintain key security documentation, including SRMP, SSP, SSPA, Change Management Plan, Disaster Recovery and Business Continuity Plan.
* Support platform security enhancements and recommend measures to mitigate risks.
Requirements:
* Certified ASD IRAP Assessor with at least five years' technical ICT experience, including two years focused on information security for systems governed by the ISM.
* Proficiency in implementing Essential 8 strategies.
* Demonstrated ability to identify, analyse, and resolve infrastructure vulnerabilities and application security issues.
Selection Criteria:
1. Specialist Advice: Provides expert advice in their specialist area and maintains recognised expert-level knowledge.
2. Secure Operations Management: Develops or operates security management procedures and processes without close supervision.
3. Policies and Standards: Incorporates recent advances in Information Security into existing policies and standards.
This role is essential for ensuring compliance with the Australian Government Information Security Manual (ISM) and supporting secure service delivery across the BuyICT platform.
Important Note:
The buyer has specified that each candidate must provide a response to each criterion, limited to 3000 characters.