One of our Federal Government Clients is seeking to engage a Lead Cyber Security Specialist. This is a long-term contractual position.
Please check below all the job details:
Contract Duration: 03 Years (12 months initially + 24 months extension)
Work Location: Canberra (03 Days office/02 Days home per week)
Eligibility: You must have NV1 Security Clearance or above.
Tentative Start Date: 20th Oct 2025
Note: Interstate remote workers will not be considered.
Position Description:
This role provides guidance on the application and operation of security controls, performs security risk and business impact analyses, and identifies risks from potential technical solution architectures. The role designs alternate solutions or countermeasures to mitigate identified risks and provides recommendations for appropriate security policies, standards, and guidelines. Managing risks related to the use, storage, and transmission of data, and carrying out risk management activities within specific functions or projects, is also part of this role. This includes identifying risks and vulnerabilities, assessing their impact and probability, developing mitigation strategies, and reporting these to the business. This role will ensure the protection and management of risks associated with information systems, contributing to a secure and compliant digital environment.
The ideal candidate will have a strong technical background, relevant risk assessment qualifications such as the CISSP and/or CCSP, a deep understanding of cyber threats facing government, and the ability to work within a high-security environment. This is a mission-critical role where your expertise will directly contribute to the protection of our global infrastructure.
Key duties and responsibilities:
- Conduct comprehensive risk assessments across IT systems, applications, and third-party vendors.
- Evaluate and monitor compliance with Australian Government requirements such as the PSPF, ISM, and Essential Eight, and apply additional oversights from international frameworks such as ISO 27001, NIST, and GDPR.
- Develop and maintain cybersecurity policies, standards, and procedures.
- Perform gap analyses and recommend remediation strategies.
- Collaborate with internal stakeholders to ensure alignment with security governance objectives.
- Support audits and certification processes (e.g., IRAP assessments).
- Monitor and report on the effectiveness of security controls.
- Stay current with emerging threats, technologies, and regulatory changes.
- Prepare comprehensive reports for business and senior executive, translating complex technical findings into clear, actionable treatments and recommendations.
Technical skills:
- Highly desirable certifications include CISSP, CRISC, CCSP, or equivalent.
- ISO 27001 Lead Auditor or IRAP qualifications are desirable, and other qualifications in government-specific cyber security programs are highly regarded.
About the team:
The Cyber Architecture and Assurance Section (CAS) is a part of the Cyber Security, Cloud & Networks Branch (CAS/CRB/IMD). CAS is responsible for several core functions, including system assurance, providing risk advice, and undertaking a ‘second line’ assurance function.
Essential Criteria:
- Demonstrated experience in authoring ICT system authorisation documentation including but not limited to: Security Risk Management Plans (SRMPs), System Security Plans (SSPs), and Standard Operating Procedures (SOPs).
- Experience in technical ICT areas such as system administration, software development, and cloud computing.
- In-depth knowledge of Australian Government cyber security standards, such as the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM).
- Familiarity with one or more: AWS, Azure, Kubernetes, Identity and Access Management.
- Minimum current active NV1 security clearance.
- Knowledge of emerging threats and international frameworks such as NIST, GDPR, and/or PCI DSS.
- Ability to communicate complex information to both technical and non-technical stakeholders.
- Understanding of data protection, privacy legislation, and compliance requirements.
The next step is easy: if you are interested, you may send an email to [email protected]
Referral incentive program: As always, we have the candidate referral incentive program through which you will get $1000 for each successful referral after the successful selection and joining of the referred candidates.
Join Strategic Partners Australia and take your career to the next level!