The Security Advisor – Security Governance is responsible for assisting with the effective implementation of security arrangements for Our Client. The Security Advisor – Security Governance will work as part of a growing team to support our adherence with the Defence Industry Security Program (DISP) and assist with the implementation of Our Client Security roadmap, including the undertaking of security activities in accordance with Our Client programs including requirements from the Australian Naval Nuclear Power Safety Act 2024.
The Security Advisor – Security Governance will support the security team by providing ongoing coordination and advice regarding security compliance which is critical to the success of Our Client activities.
Role Overview
The Security Advisor – Security Governance is responsible for assisting with the effective implementation of security arrangements for Our Client. The Security Advisor – Security Governance will work as part of a growing team to support our adherence with the Defence Industry Security Program (DISP) and assist with the implementation of Our Client Security roadmap, including the undertaking of security activities in accordance with Our Client programs including requirements from the Australian Naval Nuclear Power Safety Act 2024.
The Security Advisor – Security Governance will support the security team by providing ongoing coordination and advice regarding security compliance which is critical to the success of Our Client activities.
Essential Skills and Experience Required for this Position
Essential Requirements
* Professional Qualification in an appropriate field
* Eligible for AGSVA Negative Vetting Level 1
* Eligible to meet International Traffic in Arms (ITAR) Regulations
Essential Skills and Experience
* Minimum 2 years' experience in a Defence or similar environment with a particular focus on Defence and other Australian government policies and high attention to detail
* Security disciplines and their practical application to Defence
* Experience and knowledge in compliance, assurance and governance frameworks
* In-depth knowledge of security in relation to DISP and/or Defence
Required Behavioural Capabilities
* An ability to simply communicate complex issues (written/ verbally)
* Ability to work collaboratively and develop strong cross functional teams
* Identify areas continuous improvement and lessons learned
Person Specification
* Highly driven and motivated to achieve positive business and customer focused outcomes
* Strategic vision and future focused
* Consistently demonstrate positive cultural behaviours that are consistent with organisational values
* Works in a collaborative manner with team members nationally
* High level of integrity and resilience
Position Context & Complexity
Under the day-to-day direction of the Team Lead – Security Governance & Risk, this role will provide advice, awareness and assurance that Commonwealth and Our Client Security policy requirements are being met throughout the business.
Specific Duties
* Provide guidance and direction to stakeholders across functions relating defence security requirements.
* Ensure security compliance to DSPF, Protective Security Policy Framework, Information Security Manual and DISP membership requirements.
* Review and maintain the necessary CMS documents to define and execute security procedures and processes in a regulatory compliant fashion.
* Build and manage relationships with key internal and external stakeholders.
* Communicate and support the vision for security policy.
* Develop an in-depth understanding of the Security Classification Categorisation Guide (SCCG) in order to provide advice and guidance regarding the marking of information and handling of physical assets.
* Provide support to Our Client Security Operations team when required and directed.
Responsible to
* Team Lead – Security Governance & Risk
* Security Manager
* Chief Security Officer
Consults with
* Defence security representatives including but not limited to: ASA, Australian Naval Infrastructure (ANI), ASIO and Law Enforcement as required to effectively support Our Client risk environment
* NPSSR representatives as required to effectively manage Our Client risk environment
Major Areas of Accountability
Customer Service and Stakeholder Engagement – 20%
What needs to be delivered:
* Represent the Security Team at relevant working groups and produce briefs and other reporting to drive best practice and information sharing to other areas of Our Client or CoA, if needed.
* Support security briefings, educational sessions and training as identified.
Success measures:
* Clear and effective communication with all stakeholders.
* Results focused, professional, self-motivated, organised, output motivated team member with proven communication skills.
* Able to work both in a team environment and autonomously across at all levels of the organisation.
* Foster continuous improvement and process reduction initiatives/ activities and deliver associated reporting.
Risk Management – 20%
What needs to be delivered:
* Risk management activities, inclusive of security and business risk assessments in consideration of security goals and strategic objectives of Our Client, including how security risk management intersects with and supports broader business objectives and priorities
* Identification of threats, risks and vulnerabilities that impact the protection of Our Client's people, information and assets
* Contributing towards advice to Our Client in relation to risk tolerance and the overall maturity of the Our Client security capability to manage identified risks
* Support the Team Lead – Security Governance & Risk input into Our Client's strategies to implement security risk management, maintain a positive risk culture and deliver against the DSPF and PSPF
Success measures:
* Security risk governance in place within CMS and embedded within organisational activities.
* Corporate security risk assessment and associated registers in place and effective.
Governance and Compliance – 50%
What needs to be delivered:
* Adhere to, and maintain policies, procedures and security training arrangements for all personnel. Assist with oversee associated training, reporting and assurance programs.
* Provide advice on requirements for post security incident activities in order to ensure risks are identified, managed and mitigated. This includes actions taken to prevent reoccurrence, reviews of current processes and updating CMS documents where applicable.
* Conduct security assurance activities across Our Client nationally and internationally.
Success measures:
* All relevant policies updated as required.
* Training needs identified and compliance obligations managed and reviewed as required.
* Security assurance program in place nationally and delivering measurable impact.
Continuous Improvement (CI) – 10%
What needs to be delivered:
* Input into security risk mitigations, including escalation where required.
* Contribute to security workplace change and culture initiatives including actively identifying continuous improvement opportunities.
* Make a positive contribution and beneficial difference to the business by continuously improving the way we do things.
* Support the development of key business improvement reporting activities.
Success measures:
* Workplace change initiatives have a clear plan and outcomes.
* Continuous Improvement activities are documented with measures and reported on.
#J-18808-Ljbffr