▷ 3 Days Left Senior Security Assessor Cyber Advisors

# Senior Security Assessor Cyber AdvisorsBrisbane Canberra Melbourne21 September 2025### Job DescriptionRemote is seeking multiple Senior Security Assessor Cyber Advisors to join the team in ASD. ASD is managing the challenge of delivering Authority to Operate (ATO) over the TS Cloud as a strategic risk to the Program. With close oversight provided by ASD security authorities and NIC security stakeholders, the ATO team is taking an agile and flexible approach to assessing and authorising the TS Cloud ICT platform within the timeframe of the Program’s overall delivery schedule. The approach will apply contemporary agile delivery principles and a tailored ISM-based security risk assessment methodology to build security assurance incrementally throughout the TS Cloud build phase, and will employ streamlined and automated security assurance methods where possible. The ATO team’s Cloud Security Assessor will be comfortable working in this manner to ensure a high level of security assurance over the TS Cloud solution is achieved. (LH-02905)##### Role Description**Key duties and responsibilities**The Cloud Security Assessor will perform the following duties and responsibilities:* Work in close collaboration with the ATO team counterparts to plan, conduct and deliver security assessments of component parts of the TS Cloud platform, Cloud Service Provider (CSP) Services and other cloud adoption technologies. Security assessments will consider the involvement of people, processes and technologies in each component and will yield a high level of overall security assurance commensurate with the TS classification of the solution.* Identify and engage relevant NIC and CSP security authorities, subject matter experts and business stakeholders in security assessment activities, via face-to-face, written and online communications channels. Ensure that assessment outcomes are comprehensive, complete, defensible and clearly communicated to the right stakeholders, at the right time and at the right level of detail.* Conduct cloud security assessments methodically and in accordance with a defined ATO team process aligned with the Information Security Manual’s risk-based approach to cyber security. That process features key steps including:* Information gathering and analysis leveraging CSP, industry and open sources* Defining and modelling the component to be assessed* Modelling security threats to the component to be assessed by drawing upon personal knowledge, stakeholder expertise, and classified and open-source threat information* Identifying security controls implemented by the component and assessing their effectiveness against identified threats* Assessing security risk of the component using ASD’s established enterprise risk assessment framework and, where necessary, recommending additional security controls to reduce security risk* Producing cloud security assessment artefacts contributing to the TS Cloud ATO body of evidence and informing business risk acceptance and authorisation decisions by relevant governance bodies and security authorities.**Essential criteria*** First-hand experience conducting and delivering security risk assessments for large and complex technology solutions, in line with the Protective Security Policy Framework and Information Security Manual.* Ability to communicate security threats, risks, mitigations and recommendations clearly and with influence – in verbal and written form – to a broad spectrum of stakeholders. Stakeholders include but are not limited to peer groups, technical specialists, security authorities, system owners, business owners and senior executives.* Comfortable working in a team environment with common goals and priorities. Responsive to tasking and priorities from a team leader or project manager, adheres to guidance and quality standards of technical and/or security authorities, collaborates with stakeholders and peers on the delivery of high quality outputs, and applies established team processes and ways of working.* Relevant IT Security qualifications and certifications, such as Certified IRAP Assessor, CISA – Certified Information Systems Auditor, GSNA – GIAC Systems and Network Auditor, or Bachelor/Masters in Cyber Security.**Desirable criteria*** Experience in delivery of large and complex technology programs or projects using contemporary agile methodologies and tools.* Cloud platform security certifications.Location, ,John Bath has many years of experience delivering ICT capability within the Defence and National Security sectors.He played pivotal roles in ASD’s cloud transformation programmes and was the lead solution designer for the National Criminal Intelligence System.**Kate Dyce** has been involved in ICT capability development and support, project and program management, and team leadership in Defence and National Security settings since 2006.She has proven skills in the use of PRINCE and Agile methods for leading and delivering complex ICT projects involving infrastructure, data storage and processing and intelligence analysis applications.Kate has a long history of effective stakeholder engagement, including representation to senior leadership, industry, NIC and overseas partners.Kate’s role as Operations Manager includes the coordination of Remote’s services to Commonwealth and Commercial clients. She is responsible for ensuring Remote’s services match the requirements of our clients as well as the provision of support and mentoring to Remote’s consultants.**Daniel Flynn** is responsible for Remote’s Defence and National Security clients. With over a decade of experience managing and delivering intelligence capabilities within the Defence domain.He is ideally suited to supporting the expansion of Remote’s capabilities around Australia for national security clients.Lee Bath has a long history as a manager in public sector and industry roles. After leaving Perth to join the ADF at a young age, she has since fulfilled senior business management roles in a variety of settings.Lee has more than 20 years of experience managing businesses and operations in Defence and defence industry settings.Lee decided to become a partner in Remote so that she could run a company like one she always wished she could work in.**Susan Trinh** was a consultant for Remote for five years in a range of Project Management roles within the Defence and national security sectors prior to taking on the role of Business Manager.Susan has 10 years of experience in a range of business and governance functions, as well as significant time spent delivering and operating capabilities at the coal face of Australia’s intelligence and cyber security operations.On top of her Business responsibilities, Susan is growing Remote’s presence in Melbourne as we expand to meet the needs of our clients.
#J-18808-Ljbffr