Profectus is seeking Expressions of Interest from endorsed IRAP Assessors to support anticipated opportunities across multiple Australian Government departments and the broader national security community. These roles are expected to contribute to the security assessment of systems, services, and platforms processing OFFICIAL through to SECRET-classified information, supporting Commonwealth accreditation outcomes. Opportunities are most likely to be Canberra-based, with potential travel to government and industry partner sites nationally.
Key Responsibilities
* Plan and conduct IRAP assessments of systems, services, and platforms supporting Australian Government clients
* Assess controls against the current Information Security Manual (ISM) and supporting ASD guidance
* Produce IRAP assessment reports, security control matrices, and supporting evidence packs to ASD‐endorsed standards
* Engage with system owners, Commonwealth accreditation authorities, and capability managers throughout the assessment lifecycle
* Provide pragmatic, risk‐informed advice to support accreditation and authorisation decisions
* Support remediation planning and re‐assessment activities post‐assessment
* Contribute to security architecture reviews and design assurance for cloud and platform initiatives
* Maintain currency with ASD and Commonwealth security policy developments
Required Experience
* Demonstrated experience leading IRAP assessments at OFFICIAL: Sensitive, PROTECTED and/or SECRET
* Deep working knowledge of the ISM, Essential Eight, PSPF, and supporting ASD publications
* Experience working with Commonwealth accreditation authorities
* Strong report writing skills with the ability to produce ASD‐aligned, audit‐ready documentation
* Excellent stakeholder management skills across government, industry, and Commonwealth audiences
* Prior experience assessing systems within classified Australian Government environments
* Hands‐on experience assessing cloud platforms (Azure, AWS, M365) including sovereign offerings
* Experience with OT, ICS, mission, and other specialised system environments
* Familiarity with NIST CSF, NIST SP 800‐53, ISO/IEC 27001, and CIS Benchmarks
* Background as a security architect, GRC lead, or senior cyber consultant prior to IRAP endorsement
Certifications (Highly Regarded)
* Certified Information Systems Security Professional (CISSP)
* Certified Information Security Manager (CISM)
* Certified Information Systems Auditor (CISA)
* Cloud security certifications (e.g. CCSP, AZ‐500, AWS Security Specialty)
Security Requirements
* Must be an Australian Citizen
* Must have the ability to obtain a Negative Vetting Level 1 (NV1) clearance
Working Arrangements
* Predominantly Canberra‐based roles within secure Australian Government environments
* Onsite work is expected for most opportunities, including engagement on classified networks
Why Profectus
Profectus partners with the Australian Government to deliver trusted capability across complex classified environments. We take a long‐term, relationship‐driven approach - supporting our people across the full lifecycle of their engagement while contributing to outcomes of national importance. We are focused on building a strong network of cleared professionals to support upcoming demand across the Commonwealth and the broader national security community, and encourage Expressions of Interest from individuals seeking meaningful, impactful work in the national security domain.