1. Exciting opportunity for a GRC Security Operations Officer
2. Canberra located
3. 12 Month contract + multiple extension opportunities
4. Must hold an NV1 Security Clearance to apply for this role
The Client
Our Client is an Australian government intelligence agency that is responsible for the collection, analysis, and distribution of geospatial intelligence in support of Australia's defence and national interests.
The Role
The Governance Risk and Compliance (GRC) Officer role will evolve over time in response to new capabilities, the consolidation of a Security Operations Centre (SOC) across multiple platforms and maturation of the organisation's broader IT security framework.
At present, the fundamental objectives of this role include:
5. Provide IT security leadership and advocacy across a group of platforms and hosted systems delivering a range of services. These services will include:
6. application development environments
7. shared space for industry and partner engagement
8. lifecycle management of geospatial data.
9. Focussing on platforms and systems hosted on AWS cloud infrastructure as either a cloud-only or hybrid on premise architecture. This includes
10. platforms and systems that have already been transitioned to sustainment
11. similar platforms and systems currently being developed.
12. Deliver and maintain IT security certification and accreditation/authorisation of the platforms and systems identified above. This will include:
13. Review and input to designs and changes
14. engagement with the IT Security Architect as required.
15. Engagement with at least one Certification Authority and possibly two.
16. Setting scope and providing coordination for peripheral activities such as:
17. third party security testing
18. internal IT security operations
19. system demonstrations.
20. Engagement with internal and external stakeholders as required to deliver IT security requirements in alignment with project and sustainment schedules
21. Engage with other personnel working on other more highly classified platforms in order to support cross-platform dataflow
22. Deliver GRC-related reporting to the IT Security Lead and relevant project or sustainment managers,
23. Supporting other members of the broader IT security team, within the GRC context, as required from time to time.
About You
The ideal candidate will possess:
24. Understanding of various COTS technologies such as AWS components, Splunk based indexing and Security Information and Event Management (SIEM)
25. Understanding of containerisation and Docker-based development
26. Strong stakeholder engagement and formal reporting skills
27. Experience providing IT security leadership and advocacy across a group of related platforms and hosted systems delivering a range of services.
28. Experience focusing on platforms and systems hosted on AWS cloud infrastructure as either a cloud-only or hybrid on premise architecture.
29. Experience delivering and maintaining IT security certification and accreditation/authorisation of ICT platforms and systems
30. Experience delivering GRC-related reporting for multiple platforms and systems
You must hold an NV1 Security Clearance to apply for this role
To