Multiple Lead Ict Security Specialists El1

**Location**: ACT, QLD, VIC, WA

LH-01721

**Security Clearance**: Australian Citizen must be able to obtain Positive Vetting

**Job Duties and Responsibilities may include**:

- Accountable for managing allocated resources, setting work priorities and managing workflows to ensure accurate completion of work within timeframes and quality requirements.
- Accountable for accurate completion of work within timeframes and quality requirements, sharing own expertise with others and guiding and mentoring less experienced employees.
- Lead the development and implementation of strategies and the evaluation of business outcomes to ensure continuous improvement in the delivery of ICT security.
- Deliver risk assessments, business impact analysis and assurance for information systems within the organisation.
- Analyse security risks and business impacts and provide guidance on security strategies to manage identified risks.
- Communicate risks of a complex nature to managers and other peers.
- Engage with internal and external stakeholders from other technical specialties to share and develop ICT security policy.
- Identify areas of risk and evaluate the adequacy and effectiveness of the Australian Signals Directorate's approach to risk in the use of ICT.
- Assess and resolve identified security incidents in accordance with established procedures and recommend any required actions or policy amendments.
- Interpret security policy and contribute to the development of standards and guidelines.

**Technical Skills**:

- Certified as an Infosec Registered Assessors Program (IRAP) Assessor
- At least 3 years’ experience as a security specialist working across security architecture, security and risk management, communication and network security or security operations domains.
- Experience ensuring technical systems adhere to Essential Eight, ISM, and PSPF frameworks
- Excellent organisational and communication skills
- Proven record building, managing, and enhancing relationships with stakeholders
- Experience developing, managing, and implementing SOPs and procedures in support of security accreditation frameworks

**Technical skills***:

- Desirable: Bachelor’s degree in Information Technology or related field

**Requirements**:
**Technical Skills**:

- Certified as an Infosec Registered Assessors Program (IRAP) Assessor
- At least 3 years’ experience as a security specialist working across security architecture, security and risk management, communication and network security or security operations domains.
- Experience ensuring technical systems adhere to Essential Eight, ISM, and PSPF frameworks
- Excellent organisational and communication skills
- Proven record building, managing, and enhancing relationships with stakeholders
- Experience developing, managing, and implementing SOPs and procedures in support of security accreditation frameworks

**Essential Criteria**

2. SCTY 5 - Information security: Level 5 (SFIA) Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Contributes to development of information security policy, standards and guidelines. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements. Develops new architectures that mitigate the risks posed by new technologies and business practices.

3. INAS 5 - Information assurance: Level 5 (SFIA) Interprets information assurance and security policies and applies these to manage risks. Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines. Plans, organises and conducts information assurance and accreditation of complex domains areas, cross-functional areas, and across the supply chain. Contributes to the development of policies, standards and guidelines.

**Desirable criteria**

1. PBMG 4 - Problem management: Level 4 (SFIA) Initiates and monitors actions to investigate and resolve problems in systems, processes and services. Determines problem fixes and remedies. Collaborates with others to implemented agreed remedies and preventative measures. Supports analysis of patterns and trends to improve problem management processes.
- Desire to be accountable for their actions;
- Strong stakeholder management skills;
- Demonstrate leadership behaviours;
- Willing to challenge the traditional ways of doing business;
- Thrive in dynamic environments and comfortable with ambiguity;
- Outcome-focused mindset; and - Adaptability, resilience, flexibility and teamwork, including regionally dispersed teams, if applicable. Please provide a brief explanation of your experience covering these attributes. (Guide - 300 to 400 words.)