Exciting role at the Department of Education as Security Architect. You will assist management to implement enterprise security frameworks and standards, and help shape secure cloud & ICT deployment.
About the Role
The purpose of the role is to assist the Security Advisory Manager with implementation of security frameworks and all enterprise security artefacts and standards. The incumbent will also work with other staff and third parites to provide operational architecture support when needed.
This role contributes to the overall success of shaping future use of technology including consumption of cloud services ensuring the technologies are deployed securely. This role will ensure that certain solutions designed and implemented by the department and the Victorian Government have in place appropriate security controls and configuration.
Embedded into project and operational teams, the Security Architect will be an expert and pragmatic. The Security Architect will work with other subject matter experts to assess, design and document appropriate security designs and controls. This role works closely across multi-disciplinary ICT functions and collaborates with external agencies including the Department of Premier and Cabinet and Digital Victoria.
- This is a VPS5 role, Fixed Term until 30 June 2027
Attributes
The successful candidate will bring experience in cyber security architecture across complex ICT environments, with the ability to assess risks, apply technical solutions, and communicate security concepts to a range of stakeholders. Key capabilities include problem-solving, scripting, stakeholder engagement, and a commitment to continuous improvement in security practices.
Qualifications and Experience
Mandatory :
- Experience in working in an architecture function in a complex workplace, including experience with contemporary business technologies and architectural frameworks, knowledge of industry standard security architecture methodologies, tools and techniques
- Experience in architecting solutions using cloud computing models and solutions, including exposure working with AWS and Azure cloud platform security services
- Experience in managing third parties inclusive in writing Statement of Works for Security related requests.
- Knowledge of developing, guiding and maintaining System Security Plans
- Knowledge in the selection and implementation of relevant security controls and frameworks utilising PSPF, ISM, ISO 27002, CIS.
- Thorough understanding of privacy, valuation of information, and protective differences required at varying levels of classification
- Proven knowledge designing and implementing treatments that incorporate the Victorian Protective Data Security Framework and Standards (VPDSF/S) or ISM in line with data classifications.
- Demonstrated experience architecting for typical cyber threats impacting technology platforms across network, cloud services, databases, website platforms, and endpoint devices.
- Thorough experience conducting technology threat assessments to identify cyber risks, mapping pragmatic treatments to lower risk to within risk appetite.
- Bachelor's degree, or above in Cyber Security or related field
Desirable:
- Certification in relevant security body of knowledge
- Architecture or Engineeering certifications in cloud services covering Azure, GCP and AWS
- Certification in relevant architecture body of knowledge including SABSA, TOGAF, etc
- Certifications in project management, risk management