Cyber Security and Cyber Engagement Officers

APS 6 - $91,944 - $104,393 per annum plus superannuation
- Digital Services Division
- Canberra, ACT
- We are seeking passionate Cyber Security officers to support our Cyber Security and Cyber Engagement Sections within the Digital Services Division.
- Cyber Engagement Officers are responsible for developing and implementing cyber security strategies and initiatives to enhance the resilience and awareness of the organisation and its stakeholders. Cyber Engagement Officers work closely with internal and external stakeholders to promote best practices, share information, and coordinate responses to cyber incidents and threats.

**Who we are**

The Cyber Security and Desktop Services Branch support staff within the Department of Agriculture, Fisheries and Forestry and the Department of Climate Change, Energy, the Environment and Water with ICT needs and looks after the department’s cyber security. Our service desks and VIP support teams assist with (ICT) equipment requests, incidents, telephone, and conference services across all areas of the departments. We provide ICT support to regional and remote offices around Australia. We advise on cyber security and help business areas to conduct their work safely and securely.

The Cyber Engagement section produces cyber security policies, provides advice, and assists IT and business teams to manage the cyber risk of their systems. We ensure all departmental systems are authorised to operate to meet whole of government security requirements. The Cyber Security section is responsible for protecting data held in trust by the department.

We work to understand, detect and manage security risks and threats in the corporate environment. We also partner with internal fraud, HR, and personnel security to manage insider threats.
- The Cyber Security section performs a range of activities that include:

- Identifying, assessing, and mitigating cyber security risks.
- Incident response and recovery.
- Monitoring the departments network for signs of potential cyber threats or attacks.
- Managing the departments identity and access management solutions.
- Providing training and guidance to staff.

**The Job**
- Designing identity and access management (IAM) solutions and improvements that meet departmental, regulatory and audit requirements and integrating these into new and existing systems.
- Investigate and resolve IAM issues and enquiries from end-users and stakeholders.
- Assess and address risks associated with user access privileges, entitlements and ensure compliance with security standards and requirements.
- Supporting the development, management and communication of high-quality Cyber Security policies, frameworks, standards, and guidance documentation.
- Investigate and develop new ways to promote cyber security across the department and opportunities to improve the security posture of the departments network, including training programs to technical staff and administrators and improve ways of working.
- Researching and evaluating emerging cyber security threats and ways to manage them within our current and emerging systems, networks, and zones.
- Conduct Security Risk Assessments of ICT systems ahead of security authorisation, including assisting team with triaging requests.

Please note in these roles you will be required to be on a paid on-call roster to provide 24/7 cyber security support.

**What we are looking for**
**Knowledge and experience**
- Understanding or willingness to learn Identity and Access Management (IAM) and Multi-Factor Authentication (MFA) policies, processes and solutions and Azure Cloud Platforms and their respective IAM capabilities.
- Experience with cyber security issues, policies and frameworks, and cyber risk and compliance governance would be advantageous.

**Skills and capabilities**
- Self-motivation, drive, and the ability to work independently and collaboratively within a team.
- Strong analytical and problem-solving skills in a complex environment.
- Organisational skills, with the ability to manage multiple competing priorities in a technical environment to deliver quality outcomes.
- Highly effective stakeholder and communication skills with the ability to translate complex technical information to a range of audiences.
- Demonstrated ability to research the latest security and technology developments, analyse the information and provide sound advice to managers and stakeholders.
- The ability to use security and technology information to draft and maintain policies and standards documentation.