- Long term contract
- Location Brisbane
- Australian Citizen
About the role
The role will ensure that agreed security measures are continually developed and consistently maintained and enforced, and that all security incidents are handled in accordance with the system’s Security Documentation Pack and the Information Environment (IE) Incident Response Plan (IRP). You will work as the lead of a two-person team to deliver management, technical and administrative services to implement security controls, security management strategies and technical readiness of the network. You will be required to interpret, employ and document ISM Controls and the Essential Eight Maturity Model, and ensure the system is and remains compliant with these standards. The role will require you to work alongside Operations and Security teams to ensure effective management of the system. This position requires expertise in cyber risk management, security frameworks, and proactive mitigation strategies.
Duties
- Plan, document and lead the implementation of Plan of Action and Milestones (POAM) activities in response to certification assessment and reduce risk for the ICT networks.
- Establish working relationships and an understood roles and responsibilities network diagram that shows how the standalone network team works within the broader DSSC roles and responsibilities structure.
- Implement directions from the DSTG IT Security Manager (ITSM), Group Information Security Officer (GISO), or the designated System Owner (Group Leader or above).
- Notify the GISO and System Manager of any identified risk that may prejudice the security of the system and any ISM control deficiencies beyond those explicitly authorised.
- Facilitate vulnerability assessment scans and take actions to remediate identified vulnerabilities, including any associated patching.
- Update and maintain the Security Documentation Pack, including policy, standards, procedures and logs, under direction from the System Owner.
Skills & experience
- Proficient understanding of ICT security principles, in particular the ISM, with the ability to identify potential ICT security risks.
- Demonstrable ability to use current knowledge and skills to provide authoritative guidance in ICT security related matters, such as developing security operations procedures and ensuring their adherence and effectiveness.
- Demonstrable experience with ISM Essential Eight implementation, ISM controls, POAM project delivery and risk management frameworks.
- Demonstrated knowledge and experience in a number of the following technology areas:
  - Network security services/appliances (i.e. firewalls), including associated device administration/management.
  - Platforms (Linux and/or Windows Desktop and Server) and supporting network services such as AD, DNS and DHCP.
  - IP networking, including routing and switching with associated device administration/management, and a good understanding of network design principles.
- Bachelor's degree in Computer Science or a related field.
- Professional certifications (e.g. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)).
Due to the nature of the role, the applicant needs to be an Australian Citizen with the ability to obtain and maintain an NV1 security clearance. Candidates with an active clearance are encouraged to apply.
How to apply
Apply directly or, for more information on this role, please email Zainab Afzaal at zainab.afzaal@calleo.com.au.
And to stay up to date on other opportunities, visit our website or follow us on LinkedIn.
Calleo is an equal opportunity employer, and we encourage applications from all people including Aboriginal and Torres Strait Islander peoples.