Cybersecurity IVVQ Tester

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence.

Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what's possible.

From manufacturing and engineering to cybersecurity and space, we're driving progress in some of the world's most important industries – and working together to build a future we can all trust.

Our Benefits

• Annual Bonus + Private Medical Insurance
• ThalesFlex – Hybrid work environment
• Fitness Passport Discount
• Employee discounts with several affiliates (Travel, Car hire, Tech, Medical Insurance)
• Modernised Paid Parental Leave
• Veterans Leave
• Novated Lease options
• Family support through our partnership with Parents at Work
• Personal & professional training development opportunities
• Sonder – Wellbeing & Support Partner

Our Team

From take-off to landing, Thales offers the most complete range of solutions to provide dynamic Air Traffic Services to support today's growing domestic and international travel requirements. Utilising this knowledge and experience Thales Australia will deliver a harmonised Civil/Military Air Traffic Management System (CMATS / OneSKY) in Australia to Airservices Australia and Defence.

This will enable a new level of safety and efficiency, while also reducing delays for the travelling public and providing opportunities to improve environmental outcomes. OneSKY will transform Australia's sky, and we are proud to be partners in its delivery.

The role:

The Cybersecurity IVVQ Tester is primarily responsible for verifying the CMATS Security features solution to assess the effectiveness of various security controls and provides objective evidence to the IRAP assessor for the Accreditation Dossier to obtain Authorisation To Operate (ATO) from Australian Authorities.

This customer-facing role works within the CMATS verification team, interfacing with other CMATS teams like the Cybersecurity SoS and Integration teams, and requires customer review and approval of all test documentation and results.

Regular attendance is required at the Thales World Trade Centre office in Melbourne and the customer test facility at Melbourne Airport, with some audit and security testing also performed on future operational sites across Australia

Some key responsibilities:

• Developing and executing Cybersecurity Test Procedures: This involves writing, updating, executing, and automating these procedures to assess the effectiveness of security controls1. These procedures are also debugged on Test Benches to improve their maturity1 and run at integration and test facilities during security verification campaigns, often witnessed by Security Customers and IRAP assessors.
• Managing test results and defects: Activities include recording Test Results by generating Test Reports, which encompass building and presenting KPI metrics for cybersecurity requirements status2. When security capabilities are not properly implemented, Defects are raised, and work is done with Sub-Systems teams to define correction plans and verify their implementation.
• Planning and coordination of testing activities: This involves scheduling and planning cybersecurity testing activities, considering platform needs, capabilities, and the current level of security control implementation. There is also close collaboration with the Cybersecurity SoS Team for information sharing and consistency.
• Supporting other teams: The process actively involves supporting the Integration and other Sub-System teams in understanding Security Features and advising on the best methods for implementing and verifying them.
• On-site verification and accreditation preparation: Verification activities are performed on Operational sites across Australia to ensure that Security Requirements are properly implemented3. Site Test Procedures are executed to demonstrate that the deployed CMATS solution is ready for accreditation

On day one you will come with:

• Australian Citizenship for the ability to obtain defence clearance.
• Knowledge of security architectures, technologies, and design and development.
• In depth technical experience with the security-based aspects and secure implementation of Linux and Windows based systems (ie hardening hardening), network devices and firewalls.
• Knowledge of Australian Government Information Security Manual (ISM).
• Experience working with formal systems engineering requirements
• Experience with authoring/reviewing technical documentation.
• Experience with Engineering Tools (DOORS / VIVALDI)
• Software development environment technologies, e.g. Jira, Git, Puppet, Jenkins
• Test automation tools such as Eggplant and Chef InSpec

It's easy to dismiss the perfect opportunity if you don't see yourself as the perfect fit. If this role feels right –no matter your background or personal circumstances –please introduce yourself or join our community. We're committed to supporting a diverse workplace, and that starts here.

We're proud to be endorsed by WORK180 as an Employer for All Women, but we know there's always more we can do. We'll continue to foster industry partnerships, employee resource groups (ERGs) and development opportunities to make Thales a genuinely equitable employer, for everyone.

Read more about our WORK180 endorsement.