**Security Analyst - Daily - $915 - Daily Flexible**
**SFIA Level SCTY 6**
Reports to: IOP Mins Program Manager / Program Delivery Manager
**Security Analyst**: This role will work within the Interoperability (IOP) Minors Projects area of the
Warfighting Networks and Applications Support Organisation (WSO), ICT Delivery
Division, Chief Information Officer Group, Department of Defence.
Security analyst role is to develop and communicates corporate information security
policy, standards and guidelines. Contributes to the development of organisational
strategies that address information control requirements. Identifies and monitors
environmental and market trends and pro-actively assesses impact on business
strategies, benefits and risks. Leads the provision of authoritative advice and
guidance on the requirements for security controls in collaboration with experts in
other functions such as legal, technical support. Ensures architectural principles are
applied during design to reduce risk and drives adoption and adherence to policy,
standards and guidelines.
The Security Analyst resource will be required to perform and/or have responsibility
for duties including, but not limited to:
- Responsibility for the production of system security documentation for IOP
projects to ensure the system can be accredited
- Responsibility for the security accreditation, overall security posture of the
solution and the vulnerability assessment for the system.
- Assisting the Lead Solution Architect and Engineers with security advice and
documentation reviews.
- Producing security document packs for ICT Security assessments (Stage
One and Stage Two Audits) on project deliverables using security
frameworks such as the ISM, PSPF, DSPF and other international
standards.
- Producing security assessment reports (such as Compliance Reports and
Certification Reports) to the relevant certification authority within Defence.
- Providing independent advice to projects on considerations for achieving ICT
security certification and accreditation
- Provide support to Security Governance on the development and
improvement of project security processes, methods and artefacts
- Managing security internal and external stakeholders and ensure that a
relationship is maintained
- Assist in the development and review as well as provide comment on
security related deliverables.
- Any other tasks reasonably requested by the program.
Mandatory:
- Bachelor's degree in computer science or related field or certified in system
security.
- Experience in information security or related field.
- Experience with computer network penetration testing and techniques.
- Understanding of firewalls, proxies, antivirus, and ITSM concepts.