An opportunity has become available for an experienced and knowledgeable EL1 Assistant Director of Cyber Engagement to join our client's busy and growing team. This is a great opportunity to join a large department with a strong cyber team operating in an interesting and dynamic project environment.
**EL1 Assistant Director, Cyber Engagement**
**Contract**: 12-month contract role with option of further 12-month extension.
**Location**: Canberra, ACT (Hybrid working arrangements)
The Assistant Director Cyber Engagement role is responsible for leading a team that provides Governance, Risk and Compliance (GRC) and Cyber Design related advice to the Office of the Chief Information Officer (OCIO) and other internal and external stakeholders. The position delivers a value-add through ICT Risk identification, assessment, and pre-Authority to Operate design related remediation advice. The role ensures Cyber compliance is addressed by projects and solution implementation teams before a Cyber Assessment process is undertaken. This role is crucial to maintaining the security and integrity of information and systems in OCIO and other allied services and entities that interface with the Agency's ICT environment.
Duties
- Engage with key stakeholders including senior agency management and key OCIO design stakeholders to ensure Cyber risk management is addressed in solution concept and design stages.
- Provide Cyber GRC related advice and report to the GRC Management team on proposed technological advancements and key design decisions being made at technical forums, to support Cyber resource planning arrangements.
- Enhance Agency Cyber Security awareness and culture by positively engaging with technical and non-technical teams across the agency.
- Lead the pre-ATO analysis of requirements and design of clients' information security posture, as well as Legal, Regulatory and Scheme security requirements.
- Perform ad-hoc cyber security focussed product reviews of new systems and services being considered by technical and business areas across the agency. Perform and investigate internal and external information security risk and exceptions assessments.
- Document and report design and control failures and identify gaps to stakeholders.
**Essential criteria**
- Minimum 3 - 5 years' experience in Cyber Governance, Risk & Compliance or a related field of Cyber Security.
- Must hold Australian Citizenship and be willing to undergo Security Vetting processes to the level of NV1.
- Knowledge of key Australian Government compliance frameworks including the ACSC ISM and PSPF.
**Desirable Criteria**
- Ideally will hold CEH, CISSP, CISA and/or CISM qualifications.
- Current IRAP certification is highly desirable.
- Strong analytical skills across ICT Architectural Domains including integrated secure Cloud Hosted Services.
- Demonstrated experience in dealing with technical and non-technical business teams in a Cyber GRC engagement context.