About the Teams
Operating either within the Security Branch or as a member of a key Operational Technology area, the Cyber Security Directorate monitors, enables, and advises on the cyber security of the myriad technologies that underpin ASIS's business and operations. Cyber Security is a multi-disciplinary team that consists of three key work streams – Operations, Engineering, and Assurance – that provide the following services:
1. Operations
a. Develop, monitor, and triage security logs and alerts;
b. Coordinate delivery of the Service's cyber security incident response activities; and
c. Undertake threat hunts to proactively identify anomalous network activity.
2. Engineering
a. Collaborate with key stakeholders to identify and address cyber security capability gaps;
b. Plan and manage the development of current and future cyber security capabilities; and
c. Maintain cyber security capabilities as exemplars of effective and secure system design, in a high-security environment.
3. Assurance
a. Assess and report on the cyber security risk posture of ASIS's systems;
b. Provide security architecture advice to ASIS's projects and system managers; and
c. Develop and deliver cyber security awareness campaigns to ASIS staff.
Please ensure you identify the specific role(s) you would like to be considered for when submitting your application.
Roles
Manager – Cyber Security Operations
You will develop, manage and lead the Operations team, responsible for the cyber security monitoring of ASIS's systems, and coordination of the Service's cyber incident response activities. You will manage the delivery of ASIS's cyber security incident response framework, encompassing activities from effective security monitoring (including user activity monitoring), through to remediation and recovery following a cyber security incident. You will guide the development of accurate and informative security reporting for customers, and continuously engage with industry and partners to identify improved ways of working.
To be successful in this role, you will have:
* Familiarity with risk management, incident response, and investigative best-practices.
* Demonstrated understanding of the Protective Security Policy Framework (PSPF), Information Security Manual (ISM), and/or Essential Eight (E8) requirements.
* Demonstrated understanding of at least one technology domain (e.g. infrastructure, virtualisation, databases, software development, data analytics, machine learning, etc.).
* A proven ability to communicate complex issues to technical and non-technical audiences.
Technical Lead - Cyber Security Operations
You will perform a technical lead role either within the Operations team or as a member of a key Operational technology area. You will lead the delivery of robust, scalable, and fit-for-purpose cyber security use cases that support the detection of key threats to the Service. In the event of an incident, you will lead the delivery of the Service's cyber security incident response activities. You will also identify and lead cyber security threat hunt activities to proactively identify potential threats to ASIS's systems.
To be successful in this role, you will have:
* Experience managing investigations, performing security analytics, and developing reporting for various (e.g. technical, non-technical, senior, and junior) stakeholder groups.
* Demonstrated understanding of at least three technology domains (e.g. infrastructure, virtualisation, databases, software development, data analytics, machine learning, etc.).
* Familiarisation with cyber security capabilities including SIEM and Data Analytics platforms, query/coding languages such as SQL, SPL, Java, Python and/or PowerShell, and digital forensics.
Technical Lead - Cyber Security Engineer
You will perform a technical lead role either within an Engineering team or as a member of a key Operational technology area. You will lead the development and maintenance of technical capabilities that directly support the broader team's services. You will contribute to the execution of ASIS's Cyber Security Capability Roadmap by researching, developing and integrating new technical capabilities to ensure coverage and collection of valuable audit events; optimising the sustainment of capabilities by automating routine tasks and processes; and ensuring the team's capabilities are exemplary high-security systems. You will build valuable working relationships across teams, vendors and partner agencies to ensure technical capabilities are implemented on time and to specification.
To be successful in this role you will have:
* Hands-on experience in delivering technical capabilities.
* Familiarisation with ICT Infrastructure and networking, data processing, SIEM platforms, vulnerability management, and cloud security (e.g. Azure and AWS).
* Proven ability to translate user requirements into technical features/functions.
Manager – Cyber Security Assurance
You will develop, manage and lead an Assurance team, or act as a lead in a key Operational technology area, responsible for cyber security assessment, architecture advice, and education within ASIS. You will manage the delivery of ASIS's security assessment and authorisation program, covering network penetration testing, vulnerability management, and configuration analysis to report on and remediate identified vulnerabilities. To enable the implementation of secure systems, you will guide your team in the development of threat models and scenarios to validate security-enforcing controls, and recommend mitigations and countermeasures to address identified risks.
To be successful in this role, you will have:
* Familiarity with both risk management and assessment/audit best-practices.
* Demonstrated understanding of the Protective Security Policy Framework (PSPF), Information Security Manual (ISM), and/or Essential Eight (E8) requirements.
* Demonstrated understanding of at least one technology domain (e.g. infrastructure, virtualisation, databases, software development, data analytics, machine learning, etc.).
* Proven ability to communicate complex issues to technical and non-technical audiences.
Education, Qualification and Experience
For all roles, the following education, qualifications and/or experience will be highly regarded, though not essential:
* Experience in the management and/or development of a specialist team.
* Excellent coordination, administration, verbal and written communication skills.
* 5+ years of experience in a relevant field of expertise.
* Industry certifications including, but not limited to: Cert IV in Government Investigations, IRAP, CISA, CRISC, CCSP, CISM, CISSP, SABSA, OCSP, Microsoft, Linux, Cisco, Splunk.