Cyber Security Analyst

Our client, Services Australia, is seeking Cyber Security Analysts to work within the Integrated Cyber Risk Management section to undertake cyber risk assessments of key technology components and systems. A Cyber Risk Analyst is required to meet Protective Security Policy

Framework (PSPF) requirements and deliver key system authorisations on behalf of the Agency and Shared Services Partners.

A Cyber Security Analyst is a specialised role that is required to understand cyber security controls protecting Government ICT Systems, processes, and information. A Cyber Security Analyst undertakes system security assessments based on required controls and communicates and develops documentation so informed decisions can be made regarding associated cyber security risks.

The following experience and knowledge are required Extensive experience with risk and information security frameworks, policies and standards, including the Federal Government PSPF and Information Security Manual (ISM), and international standards (ISO 27001/2). Demonstrated working experience in security threat and risk assessment and development of security authorisation artefacts. Demonstrated security experience within complex ICT environments. Strong stakeholder management skills, and the ability to communicate security concepts to non-technical audiences both verbally and in writing. Understanding of global Cyber Security

trends, attack vectors and techniques. Tertiary, - or other relevant qualifications are

advantageous.

Key duties

• Identify, test and assess applicable security controls in line with the Australian Government PSPF, ISM and agency policies and guidelines.
• Analyse and document security risk and recommend treatments and modifications to security practices and procedures using expertise and technical knowledge.
• Contribute to the system authorisation program of work, system projects and programs, by developing or reviewing security artefacts, including Threat and Risk
• Assessments and System Security Plans.
• Manage, develop and support complex relationships with stakeholders to achieve work area goals.
• Manage and maintain the agreed service levels.
• Assist with the development and implementation of security policies, procedures, projects, and strategies.
• Continuously work to improve the efficiency and effectiveness of the cyber security service.
• Educate and inform departmental staff to promote understanding and ensure adherence to security policy and processes.

Mandatory Criteria

• Extensive demonstrated experience with risk and information security frameworks, policies, and standards, including the Federal Government Protective Security Policy
• Framework (PSPF) and Information Security Manual (ISM), and international standards (ISO 27001/2).
• Demonstrated working experience in security threat and risk assessment and development of security authorisation artefacts.

Weighted Criteria

• Demonstrated security experience within complex ICT environments.
• Strong stakeholder management skills, and the ability to communicate security concepts to non-technical audiences both verbally and in writing.
• Understanding of global Cyber Security trends, attack vectors and techniques.
• Demonstrated experience in Federal Government.
• Relevant tertiary or other qualifications.

Pay range and compensation package:

Competitive contract role rates

12 month contract role with 1 possible 12 month extensions.

Security Clearance

Must have NV1 or above

Working arrangements:

Location: Services Australia Offices in VIC, ACT, QLD, SA

A minimum 3 days in the office depending on the business requirements.

We believe in flexibility and understand the importance of a work-life balance. Depending on the specific position, we offer hybrid working arrangements allowing team members to work both remotely and in-office. Typically these arrangements are subject to performance, ensuring that productivity and project goals are met with 3 days in office, potentially 2 days remote and this can be negotiated depending on specific candidate and position requirements.