This role is responsible for delivering the services provided by the Cyber Security Advisory practice. This includes consulting with business areas and agencies to define their respective information security related objectives and needs, and confirming the IT security related standards, processes and procedures required to meet their legal, contractual, compliance and business obligations. These solutions must also align to the Essential Practices and Capability Model as directed by Transport Cyber Defence.
Role: Senior Cyber Security Advisor
Location of work: Sydney
Length of contract: 05 months
Contract extensions: 03 months extension
Security clearance: Australian Citizen or Permanent Resident with full working
rights in Australia
About the Role
This role is responsible for delivering the services provided by the Cyber Security Advisory practice.
Responsibilities
Project Security Consulting – Provide security solution and design inputs for the implementation of new capabilities within a project lifecycle. This is predominantly aligned to the Enterprise Project Management Office (EPMO) PEFm framework, or as required for other initiatives delivered outside this framework. Participate actively in projects to ensure that security design, testing and implementation comply with Transport's IT Security standards and policies and industry best practice.
IT Security Risk Assessments – perform security assessments of solutions and capabilities. This includes following standard processes and engaging with requesting stakeholders to ensure context of the solution is known and aligned to resulting risk assessment complying with Transports TERM framework.
Security Testing – provide guidance to stakeholders on the process for consuming security testing (including pen tests, vulnerability scans, secure coding tests etc.) and interpret results to provide a risk-based view, and recommendations.
Cloud and Vendor risk assessments – perform risk assessments against cloud services and potential vendors being engaged across the cluster.
Document review – provide security review and guidance relating to documents including policies, guidelines, standards, solutions etc.
Provide general security advice aligned to security policy and supporting the Essential Practices.
Security Patterns – Actively contribute to the development of security patterns from security tooling, services, and integration perspectives.
Provide support to continuous improvement of the services provided by the Advisory practice.
Key challenges
Managing numerous requests and allocated tasks varying in size and complexity.
Establishing relationships with stakeholders across the cluster.
Working within a practice that is undergoing improvement initiatives which will require a level of adaptability.
Qualifications
Relevant tertiary qualification and professional certifications/accreditations, including specialist qualifications as an IT security architect.
Required Skills
Demonstrated knowledge of Cyber Security architecture principles.
Understand how to assess solutions from a risk based perspective and provide guidance to solutions owners on recommended controls.
Proven security architecture / design / consultancy / delivery capability 5+ years as an information security specialist.
Demonstrated understanding of cyber security, risk management, governance, business continuity management and business resiliency issues and threats impacting a large and complex organisations.
Preferred Skills
None specified.
Pay range and compensation package
We are offering a Joining Bonus $1000 and a referral of $1000. This is not a remote role, and we are looking for an Australian citizen with a NV1 clearance.
Equal Opportunity Statement
We are committed to diversity and inclusivity.