Location: ACT, SA, VIC
Security Clearance: Must hold Negative Vetting Level 1
Bennefits:
- Work with a dynamic team at the cutting edge of defence research.
- Enjoy flexible working arrangements and a supportive work environment.
- Make a significant impact on national security through your expertise in cybersecurity.
About:
This high-profile Defence Agency is at the forefront of enhancing Australia's defence capabilities through cutting-edge research and development. The Group Cyber Security Risk Team is pivotal in safeguarding the research networks and systems. They are seeking a dedicated Cyber Security Risk Management Specialist to join the team and strengthen the cyber posture in alignment with Defence standards and regulatory requirements.
Role Overview:
As a Cyber Security Risk Management Specialist, you will play a crucial role in coordinating the governance, risk, and compliance assessment of research networks and systems. You will collaborate with internal teams and stakeholders to implement and monitor cybersecurity policies, procedures, and controls.
Key Responsibilities:
- Review and enhance cybersecurity documentation for networks and systems.
- Provide advice on improving the effectiveness of cybersecurity controls for system authorisation.
- Review and update briefing materials and reports on cybersecurity matters for senior leadership (SES).
- Contribute to the Information Security Management System (ISMS) documentation suite, maintaining compliance and certification against ISO 27001.
- Assist with ISO 27001 internal audits to improve DSTG’s cybersecurity risk posture.
- Reconcile SN Master database with Defence ICT Inventory System (DIIS).
- Support Certification and Accreditation Coordination (CACC) processes, including system assessment scheduling, compliance monitoring, and stakeholder communication.
Skills and Experience:
- Minimum of 3 years of demonstrated Governance, Risk, and Compliance (GRC) experience in an enterprise environment.
- Strong knowledge of cybersecurity frameworks, standards, and regulations (e.g., ISM, PSPF, Essential 8, NIST).
- Excellent communication skills, with the ability to articulate complex information clearly to a range of technical, research, and managerial stakeholders.
- Relevant certifications such as IRAP, CompTIA Security+, CISSP, CISA, CISM, or SSCP are highly regarded.
How to Apply:
If you are passionate about cybersecurity and eager to contribute to this mission, we want to hear from you. Please submit your resume outlining your qualifications and experience.