Principal IRAP Specialist
Job Summary
We are seeking a skilled and experienced Principal IRAP Specialist to join our team. This is a 12-month contract position with potential extensions, offering the opportunity to work on exciting projects.
About the Role
* Prepare and plan for security assessments to ensure compliance with established criteria.
* Conduct Design Effectiveness Reviews and validate technical implementations against Information Security Manual (ISM) controls, in consultation with System Owners and stakeholders.
* Maintain accurate records and evidence for security assessments, including the Security Controls Matrix.
* Assess system risk based on established criteria and provide recommendations for improvement.
* Review and advise on improving security controls for system authorization, ensuring alignment with Australian Government security policies.
* Develop and present comprehensive security assessment reports to System Owners and senior leadership.
Key Responsibilities
1. Security Assessment Planning: Develop and execute plans for security assessments to meet established deadlines and quality standards.
2. Design Effectiveness Reviews: Conduct thorough reviews of technical implementations to ensure compliance with ISM controls and identify areas for improvement.
3. Record Keeping and Reporting: Maintain accurate and up-to-date records of security assessments, including the Security Controls Matrix, and develop comprehensive reports for stakeholders.
4. Risk Assessment and Mitigation: Assess system risk based on established criteria and provide recommendations for mitigation and improvement.
5. Security Control Advancement: Review and advise on improving security controls for system authorization, ensuring alignment with Australian Government security policies.
6. Communication and Collaboration: Develop and present clear and concise security assessment reports to System Owners and senior leadership, facilitating effective communication and collaboration.
Requirements and Qualifications
* Demonstrated experience in IRAP Entity Assessment or IRAP, preferably within the Australian Government or academic organizations.
* IRAP certification and 27001 Lead Auditor certification.
* Knowledge of Australian Government security policies, including the Information Security Manual (ISM) and Protective Security Policy Framework (PSPF).
* Strong ICT technical background, capable of assessing complex environments and identifying areas for improvement.
* Experience in governance, risk, and compliance, with a focus on security and assurance.
* Excellent communication and interpersonal skills, with the ability to effectively communicate with technical and senior stakeholders.
Benefits
* A 12-month contract position with potential extensions, offering the opportunity to work on exciting projects.
* A collaborative and dynamic work environment that values diversity and inclusion.
* The chance to contribute to high-profile projects and make a meaningful impact.
* Ongoing training and professional development opportunities to enhance your skills and knowledge.
What We Offer
We offer a competitive compensation package and a range of benefits, including:
* A salary that reflects your skills and experience.
* A comprehensive benefits package, including health insurance, superannuation, and paid leave.
* The opportunity to work with a talented and diverse team of professionals.
* A dynamic and supportive work environment that encourages collaboration and innovation.
Apply now to take the first step in this exciting opportunity and join our team of experts.