The Security Analyst will utilise their experience and understanding of key cyber security standards, to provide cyber security assessment and authorisation advice, and to produce system documentation in support of assessment requirements. The Security Analyst will be required to engage with key stakeholders within the department, and within programs and project capability groups.
Activities include:
* Advice and support: providing contextual security advice to projects and stakeholders to ensure effective security controls are implemented as per Australian Government and Defence requirements. Also, reviewing and assessing proposed and actual changes to system baselines.
* Pre-assessment: developing and managing system security documentation.
* Security assessment: reviewing system documentation and assessing systems
* Governance and management: reviewing and assessing system changes to approved baselines, developing and maintaining processes and policy.
* Hold a relevant industry information systems security certification
* Detailed understanding of the PSPF, DSPF, ISM and other relevant ICT Security Standards such as ISO 27001.
* Experience in ICT Information Security or ICT Security Architecture, preferably with communications network systems
It is highly desirable that the System Security Analyst also has the following experience and qualifications to undertake this task:
* IRAP certification, or have previous experience in the IRAP program.
* Recent experience in security assessments of ICT systems within Australian Government context.
* Experience in cloud certification and accreditation within an Australian Government context.
* Experience in ICT Security Risk Management and methodologies.
*Please note that only shortlisted candidates will be contacted
#J-18808-Ljbffr