Cyber Security Specialist

An Information Cyber Security Specialist is required to assist with providing expert security advice, guidance, and recommendations across multiple ICT-enabled projects. You'll be working with this Government Department on the Northside and WFH 50/50

The day-to-day duties of this role include:

- Provide leadership and technical advice, support and recommendations on security best practices and industry-recognised standards and frameworks.

- Prepare or review a range of project and technical documentation, including: solution architecture designs, options papers, technical specifications, test and implementation plans.

- Prepare and develop Risk Assessments and assist with the preparation of Penetration Testing.

- Understand and translate complex business and technical requirements to ensure that technical findings and recommendations are fit-for-purpose.

- Communicate effectively with business and technical stakeholders across all stages of project delivery.

- Facilitate and/or participate in security design sessions and other workshops.

- Support the Manager in management of risks, issues, conflicts, priorities, communications, progress reporting to successfully assist in the delivery projects.

- Work collaboratively with Information Security Secure Design and ICT-enabled projects to deliver secure solutions.

- Participate in procurement activities providing security advice and guidance.

- Other activities as directed.

Highly desirable attributes:

- 5+ years of relevant cyber security and architecture experience, including experience in principal/ lead roles for security projects.

- Excellent interpersonal and communication skills to engage effectively with stakeholders.

- Industry security certifications including SABSA Practitioner, CISM, CISSP.

- Knowledge and experience with information security controls frameworks such as ISO 27001, NIST CSF, PCI-DSS, Australian Signals Directorate Information Security Manual (ISM) and so on.

- Relevant security architecture or operations experience in large and complex organisations, such as Qld Government, transport, or similar organisations.

- Experience with identity and access management solutions, privileged access management, authentication, secure email gateway solutions, risk assessments and security reviews.