ICT Security Advisor

Amentum is a leader in global engineering, project management and solutions integration, trusted to modernise the most critical missions anywhere in the world. Driven to create a safer, smarter, cleaner world, we innovate as a team of inventive doers passionate about making a difference. Underpinned by a strong culture of ethics, safety and inclusivity. Amentum is fiercely committed to operational excellence and successful execution.

Are you seeking a career that offers a healthy work-life balance, a friendly company culture, and engagement with a supportive community?

We'll inspire and empower you to deliver your best work so you can evolve, grow and succeed – today and into tomorrow. We offer an exciting range of opportunities to develop your career within a supportive and diverse team who always strive to do the right thing for our people, clients and communities.

People are our greatest asset, and we offer a competitive package to retain and attract the best talent.

Our values stand on a foundation of safety, integrity, inclusion and diversity. We put people at the heart of our business, and we genuinely believe that we all succeed by supporting one another through our culture of caring. We value positive mental health and a sense of belonging for all employees.

Amentum is proud to be an Equal Opportunity Employer, please refer to our Enterprise Agreement and for more information.

Role Title: ICT Security Advisor

Role Description:

The ICT Cyber Security Advisor will work within the Integrated Air and Missile Defence (IAMD) AIR6500 Series program. The program consists of AIR6500-1 Joint Battle Management System, AIR6502-1 Medium Range Ground Based Air Defence Capability with AIR emerging) Advanced High Speed Missile Defence (AHSMD).

The ICT Security Advisor will work within the AIR6500 Series Chief Engineer team reporting to the System-of-Systems Security Manager and will be required to liaise and engage with other functions within the broader IAMD program and Industry members.

Responsibilities:

• Ensuring the ICT systems are designed, developed, operated and maintained in accordance with the Australian Government Information Security Manual (ISM), Defence Security Principles Framework (DSPF), the Australian Communications Security Instructions (ACSI) suite of publications and other relevant Defence security instructions.
• Ensuring appropriate security measures and controls are implemented for ICT systems on the Program to ensure risks to the confidentiality, integrity or availability of those ICT systems and their information are managed as per Defence Security requirements.
• Identifying threats and vulnerabilities arising from the design of ICT systems in the Program; ensuring that they are appropriately managed and mitigated as per the respective system's Security Risk Management Plans.
• Ensuring that system Standard Operating Procedures (SOP) and any other additional required artefacts are developed and maintained in accordance with applicable security policies and ICT system certification and accreditation requirements.
• Reviewing and providing advice on Defence security documentation for ICT systems.
• Working with peers and team members to educate them on their responsibilities and ensure compliance with the ICT Security documentation package approved for the Program.
• Advising Project Engineering Managers and C4ISR Leads, within the Program, on development of ICT Security documentation, certification and accreditation requirements.
• Liaising with other Defence Groups and Agencies to obtain advice and guidance for ICT Security implementation in support of the Program.

Essential Requirements:

Minimum 10 years of experience in an information technology role specialising in information security.

Technical knowledge of Defence IT Security principles.

Experience working with the Australian Signals Directorate, Chief Information Officer Group or Capability Acquisition and Sustainment Group, within the Department of Defence Portfolio.

Recent experience in authoring Defence ICT Security documentation.

Experience working with DevSecOps and Agile delivery methodologies would be highly regarded.

Experience in the Certification, Risk Management, Vulnerability Assessment and Management (CRVM) and Information Assurance (IA) of Defence and National Security ICT and Operational Technology (OT) systems

Desirable Requirements:

Qualified Defence IRAP Assessor

Certified Defence Information Security Registered Assessor (DRAP)

In-depth understanding of:

• Australian Government cyber and protective security requirements in the Information Security Manual (ISM),
• Defence Security Policy Framework (DSPF)
• Industry standards including National Institute of Science and Technology (NIST),
• Common Criteria and ISO 27000.

Required Security Clearance Level: NV1

Location: ACT

Weekly Hours: 40

Amentum is proud to be an Equal Opportunity Employer. Our hiring practices provide equal opportunity for employment without regard to race, sex, sexual orientation, pregnancy (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, ancestry, United States military or veteran status, color, religion, creed, marital or domestic partner status, medical condition, genetic information, national origin, citizenship status, low-income status, or mental or physical disability so long as the essential functions of the job can be performed with or without reasonable accommodation, or any other protected category under federal, state, or local law. Learn more about your rights under Federal laws and supplemental language at Labor Laws Posters.