**Job description**:
- **Federal Government Assignment**
- **Contract Term: 12 months + 12 months extension**
- **Locations: Canberra-ACT, Geelong-VIC**
- **Max Day Rate: $1077.00 + GST**
- **Hybrid / Flexible working arrangements provided (minimum of 3 days each week in the office, with flexible arrangements in place for the remaining 2 days at home)**
- **Working Rights: Australian Citizen**
**About the Organisation**
Our Federal Government client aims to support a better life for hundreds of thousands of Australians with a significant and permanent disability and their families and carers.
**About the Team**
The Cyber Security Governance, Risk and Compliance Team is building its capability with the aim to elevate its maturity.
**The Role**:
The **Assistant Director Cyber Engagement** role is responsible for leading a team that provides Governance, Risk and Compliance (GRC) and Cyber Design related advice to the Office of the Chief Information Officer (OCIO) and other internal and external stakeholders.
The role ensures Cyber compliance is addressed by projects and solution implementation teams before a Cyber Assessment process is undertaken. This role is crucial to maintaining the security and integrity of information and systems in OCIO and other allied services and entities that interface with the Agency's ICT environment.
Responsibilities of the role include but are not limited to:
- Engage with key stakeholders both internal & external and key OCIO design stakeholders to ensure Cyber risk management is addressed in solution concept and design stages.
- Engage with various technical and business areas to ensure Cyber Security is considered during the requirements analysis and solution design phases of a project.
- Evaluate business and IT risks during project initiation and solution design phases to ensure Cyber risk management is a component of the original design.
- Provide Cyber GRC related advice at key technical forums.
- Report to the GRC Management team on proposed technological advancements and key design decisions being made at technical forums, to support Cyber resource planning arrangements.
- Enhance Agency Cyber Security awareness and culture by positively engaging with technical and non-technical teams across the Agency.
- Lead the pre-ATO analysis of requirements and design of clients' information security posture, as well as Legal, Regulatory and Scheme security requirements.
- Perform ad-hoc cyber security focussed product reviews of new systems and services being considered by technical and business areas across the NDIA.
- Perform and investigate internal and external information security risk and exceptions assessments.
- Document and report design and control failures and identify gaps to stakeholders. Provide remediation guidance and prepare reports to track remediation activities to resolution.
- Perform other related duties as assigned from time to time based on business requirements.
**Essential Skills and experience**:
**Mandatory Criteria**:
- Minimum 3 - 5 years' experience in Cyber Governance, Risk & Compliance or a related field of Cyber Security.
- Knowledge of key Australian Government compliance frameworks including the ACSC ISM and PSPF.
**Desirable Criteria**:
- Ideally will hold CEH, CISSP, CISA and/or CISM qualifications.
- Current IRAP certification is highly desirable.
- Proven ability to make sound pragmatic decisions and judgements under tight timelines.
- Strong interpersonal and communication skills with an ability to influence and drive change in a collaborative way both internally and externally.
- Strong analytical skills across ICT Architectural Domains including integrated secure Cloud Hosted Services.
- Demonstrated experience in dealing with technical and non-technical business teams in a Cyber GRC engagement context.
**To Apply**:
**Aureen Vaz** on
Note: You may be required to provide evidence of your COVID-19 vaccination status.