Cyber Security
Executive Level 1
Salary: $145,137 - $169,572 (Plus Superannuation)
ASIS is Australia’s overseas secret intelligence collection agency. Its mission is to protect and promote
Australia’s vital interests through the provision of intelligence services as directed by the Australian
Government. Its work can involve collecting intelligence relating to national security, international
relations and economic issues. It also contributes to Australia’s coordinated national efforts against
terrorism, proliferation of weapons of mass destruction, and trans-national issues such as people
smuggling.
ASIS employs people in a wide range of roles, including technologists. These roles require dynamic team
players who enjoy working with stakeholders, team members and individually on projects. ASIS is looking
for people who will be able to meet tight deadlines and work to support ASIS priorities. Sucessful
candidates will have excellent coordination and administration skills, excellent verbal and written
communication skills; and, strong stakeholder engagement and influencing skills. Relevant tertiary
qualifications and demonstrable experience will be highly regarded.
ASIS values workplace diversity and is committed to providing a supportive, inclusive and respectful
work environment. We encourage applications from Aboriginal and Torres Strait Islander People, women,
people with disabilities, people that identify as LGBTIQ+ and people from culturally and linguistically
diverse backgrounds.
We offer a competitive salary package including 22 days annual leave, shutdown between Christmas
and New Years Day, 15.4% employer superannuation contribution, and generous paid parental leave.
Full and part time positions as well as flexible work hours can be negotiated.
All positions are office-based and located in Canberra. This role requires the successful applicant to
obtain and maintain a Security Clearance.
ASIS is seeking to place enthusiastic and capable cyber specialists in a number of positions across the
Service including lead roles in cyber security engineering, cyber security operations and cyber security
assurance within a key Operational Technology area. In addition to our current vacancies, successful
applicants through this process will be placed in a merit pool which may be utilised to fill future vacancies
over the next 18 months. You will be asked to indicate your main area of interest/experience.
If you are interested in working in a particular area, we encourage you to tailor your responses to indicate
your relevant skills and experience with regards to that function.
About the Teams
Operating within either the Security Branch or as a member of a key Operational Technology area,
Cyber Security Directorate monitors, enables, and advises on the cyber security of the myriad
technologies that underpin ASIS’s business and operations. Cyber Security is multi-disciplinary team
that consists of three key work streams – Operations, Engineering, and Assurance – that provide the
following services:
1. Operations
a. Develop, monitor, and triage security logs and alerts;
b. Coordinate delivery of the Service’s cyber security incident response activities; and
c. Undertake threat hunts to proactively identify anomalous network activity.
2. Engineering
a. Collaborate with key stakeholders to identify and address cyber security capability gaps;
b. Plan and manage the development of current and future cyber security capabilities;
c. Maintain cyber security capabilities as exemplars of effective and secure system design,
in a high-security environment.
3. Assurance
a. Assess and report on the cyber security risk posture of ASIS’s systems;
b. Provide security architecture advice to ASIS’s projects and system managers; and
c. Develop and deliver cyber security awareness campaigns to ASIS staff.
Please ensure you identify the specific role(s) you would like to be considered for when submitting your
application.
Roles
Manager – Cyber Security Operations
You will develop, manage and lead the Operations team, responsible for the cyber security monitoring
of ASIS’s systems, and coordination of the Service’s cyber incident response activities. You will
manage the delivery of ASIS’s cyber security incident response framework, encompassing activities
from effective security monitoring (including user activity monitoring), through to remediation and
recovery following a cyber security incident. You will guide the development of accurate and
informative security reporting for customers, and continuously engage with industry and partners to
identify improved ways of working.
To be successful in this role, you will have:
Familiarity with risk management, incident response, and investigative best-practices.
Demonstrated understanding of the Protective Security Policy Framework (PSPF), Information
Security Manual (ISM), and/or Essential Eight (E8) requirements.
Demonstrated understanding of at least one technology domain (e.g. infrastructure,
virtualisation, databases, software development, data analytics, machine learning, etc.).
A proven ability to communicate complex issues to technical and non-technical audiences.
Technical Lead - Cyber Security Operations
You will perform a technical lead role either within the Operations team or as a member of a key
Operational technology area. You will lead the delivery of robust, scalable, and fit-for-purpose cyber
security use cases that support the detection of key threats to the Service. In the event of an incident,
you will lead the delivery of Service’s cyber security incident response activities. You will also identify
and lead cyber security threat hunt activities to proactively identify potential threats to ASIS’s systems.
To be successful in this role, you will have:
Experience managing investigations, performing security analytics, and developing reporting
for various (e.g. technical, non-technical, senior, and junior) stakeholder groups.
Demonstrated understanding of at least three technology domains (e.g. infrastructure,
virtualisation, databases, software development, data analytics, machine learning, etc.).
Familiarisation with cyber security capabilities including SIEM and Data Analytics platforms,
query/coding languages such as SQL, SPL, Java, Python and/or PowerShell, and digital
forensics.
Technical Lead - Cyber Security Engineer
You will perform a technical lead role either within an Engineering team or as a member of a key
Operational technology area. You will lead the development and maintence of technical capabilities that
directly support the broader team’s services. You will contribute to the execution of ASIS’s Cyber Security
Capability Roadmap by: researching, developing and integrating new technical capabilities to ensure
coverage and collection of valuable audit events, optimising the sustainment of capabilities by
automating routine tasks and processes, and ensuring the team’s capabilities are exemplary high-
security systems. You will build valuable working relationships across teams, vendors and partner
agencies to ensure technical capabilities are implemented on-time and to-specification.
To be successful in this role you will have:
Hands-on experience in delivering technical capabilities.
Familiarisation with ICT Infrastructure and networking, data processing, SIEM platforms,
vulnerability management, and cloud security (e.g. Azure and AWS).
Proven ability to translate user requirements into technical features/functions.
Manager – Cyber Security Assurance
You will develop, manage and lead an Assurance team or as a lead in a key Operational techology
area, responsible for cyber security assessment, architecture advice, and education within ASIS. You
will manage the delivery of ASIS’s security assessment and authorisation program, covering network
penetration testing, vulnerability managment, and configuration analysis to report on and remediate
identified vulnerabilities. To enable the implementation of secure systems, you will guide your team in
the development of threat models and scenarios to validate security-enforcing controls, and
recommend mitigations and countermeasures to address identified risks.
To be successful in this role, you will have:
Familiarity with both risk management, and assessment/audit best-practices.
Demonstrated understanding of the Protective Security Policy Framework (PSPF), Information
Security Manual (ISM), and/or Essential Eight (E8) requirements.
Demonstrated understanding of at least one technology domain (e.g. infrastructure,
virtualisation, databases, software development, data analytics, machine learning, etc.).
Proven ability to communicate complex issues to technical and non-technical audiences.
Education, Qualification and Experience
For all roles, the following education, qualifications and/or experience will be highly regarded, though
not essential:
Experience in the management and/or development of a specialist team.
Excellent coordination, administration, verbal and written communication skills.
5+ years of experience in a relevant field of expertise.
Industry certifications including, but not limited to: Cert IV in Government Investigations, IRAP,
CISA, CRISC, CCSP, CISM, CISSP, SABSA, OCSP, Microsoft, Linux, Cisco, Splunk.
Selection Criteria
Candidates are not required to provide a separate written response to the ILS capabilities (below),
however, candidates are encouraged to consider the capabilities in preparing their application, as each
candidate will be assessed on their ability to demonstrate behaviours aligned to the capabilities for the
position.
For more information on the ILS, tips on applying for jobs in the Public Service, go to the APSC website
found at
Shapes Strategic Thinking
Inspires a sense of shared purpose and direction;
Focuses strategically;
Harnesses information and opportunities; and
Shows judgment, intelligence and common sense.
Achieves Results
Builds organisational capability and responsiveness;
Marshals professional expertise;
Steers and implements change and deals with uncertainty; and
Ensures closure and delivers on intended results
Cultivates Productive Working Relationships
Nurtures internal and external relationships;
Facilitates cooperation and partnerships;
Values individual differences and diversity; and
Guides, mentors and develops people.
Exemplifies Personal Drive and Integrity
Demonstrates public service professionalism and probity;
Engages with risk and shows personal courage;
Commits to action;
Displays resilience; and
Demonstrates self-awareness and a commitment to personal development.
Communicates with Influence
Communicates clearly;
Listens, understands and adapts to audience; and
Negotiates persuasively.
Job Specific Requirements
Demonstrated experience and education relevant to the role.
HOW TO APPLY
Applicants will need to apply ONLINE via our website.
Applicants will required to attach a resume and submit a maximum 800 word pitch outlining their
relevant experience, skills and knowledge to perform the duties of the role.
Applicants are encouraged to consider the capabilities when preparing their application, as this will
form the basis of selection assessment. For more information and tips on applying for jobs in the Public
Service, search ‘Joining the APS’ at
After application submission, you may receive an SMS requesting you to complete online testing.
Please ensure you complete this as your application will not be progressed otherwise.
APPLICATIONS CLOSE: Refer to date on website
ELIGIBILITY
Candidates must be Australian citizens.
The successful candidate will be required to obtain and maintain a security clearance.
REASONABLE ADJUSTMENTS
All requests for reasonable adjustments will be considered and managed in consultation with you. We
will continue to ask you if you require reasonable adjustments at each stage of the process. If you are
successful in gaining employment, reasonable adjustments can also be made available to you in
performing your role.
WHAT HAPPENS NEXT?
You may receive a SMS requesting you to complete online testing. Please ensure you complete this as
your application will not be progressed otherwise.
Please do not tell anyone about your application with our organisation at this stage of the process as
doing so may harm your suitability for employment with us.
A merit list will be established for candidates who are suitable and will remain valid for a period of 18
months.
We thank you for the time and effort you have put into your application; however, we are unfortunately
unable to provide feedback to unsuccessful candidates.