Cyber Security Analyst

One of our Federal government clients is seeking to engage 2 Principal Cyber Security Analysts.

Role: 2 Principal Cyber Security Analysts

Location of work: All States (work 2 days from office and 3 days from home each week)

Length of contract: 06 Months

Contract extensions: 12 Months extension

Security Clearance: Baseline security clearance

Overview:

Key duties and responsibilities

The Cyber Security Analyst will be required to support the following functions:

Risk Identification and Analysis: Conduct risk assessments to identify potential risks, treatments, impact and mitigation strategies related to the department and its Portfolio.

Assurance Framework Development: Establish and implement relevant assurance frameworks and controls to meet industry standards and legal requirements. (Protective Security Policy Framework (PSPF), Information Security Manual (ISM), National Institute of Standards and Technology (NIST) etc).

Policy and Procedure Creation: Develop, review, and update policies and procedures to ensure alignment with applicable governance, risk, and assurance frameworks.

Audit and Monitoring: Undertake regular reviews of risks to ensure they are being remediated by the relevant System/Business Owners. Design and conduct audits to monitor adherence to assurance policies and regulatory requirements throughout the life of the project.

Reporting and Documentation: Develop and maintain documentation related to Accretion and Certification Activities.

• Produce regular monthly reports on risk status, assurance, and governance activities for Executive and Stakeholders.

Stakeholder Engagement: Collaborate with internal and external stakeholders, to:

• Address risk activities
• Provide advice regarding assurance documentation, timelines and activities.

Continuous Improvement: Recommend improvements to governance, risk, and assurance processes based on lessons learned, audit findings, or changing regulations.

Leadership: Lead Governance, Risk and Assurance work programs; provide informal mentoring and leadership as required; provide advice on cyber security to a broad range of stakeholders.

Activities as directed: The specified personnel may be redirected to assist or work on other projects/activities outside of the branch of initial assignment.

Criteria

The buyer has specified that each candidate must provide a one page pitch to address all criteria specified. This is equal to 5000 characters.

Essential criteria

1. Demonstration of comprehensive knowledge of ICT and Cyber Security technologies and best practices.

2. Minimum 3 years’ experience in a similar role within a medium/large size organisation.

3. Extensive knowledge of Australian Government Policies and frameworks relating to Government Services.

Desirable criteria

1. Relevant tertiary qualifications obtained from a recognised Australian tertiary institution or equivalent assessed comparable overseas qualification in Computer Science, Software Engineering, Information Technologies, or Cyber Security is highly desirable.

2. Certification and/or membership to relevant professional organisations including certification in any of the following: CISSP, Security+, CISA, CISM, SABSA, GIAC and SANs.