Principal Cyber Advisor

One of our leading federal govt clients is seeking to engage
Principal Cyber Advisor
for
Canberra / Melbourne / Sydney

Please note Candidate must have Baseline security clearance

Initial contract duration-
12 months

Extension term-
12 months

Number of extensions-
2

Working arrangements -Hybrid

Key duties and responsibilities

• Conduct comprehensive cyber security risk assessments on systems to identify and evaluate potential risks, threats and vulnerabilities.
• Develop security documentation and propose suitable measures to mitigate cyber security risks.
• Ensure systems meet cyber security standards, frameworks and compliance.
• Provide dedicated cyber security architecture or risk advisory services to assigned ICT program and and/or project(s).
• Provide advice and develop security documentation for systems certification covering areas such as application interfaces, databases, infrastructure services, WAN and LAN networking including Software-Defined Networks and mobility services.
• Liaise with Security and Chief Information Officer Command teams to identify and capture processes, develop suitable standard operation procedures, security risk management plans, system security plans and Infosec Registered Assessors Program (IRAP) assessments.
• Undertake security design reviews and evaluation against compliance objectives.
• Provide knowledge/skills transfer to other team members and provide mentoring, coaching and training.
• Remain accountable for accurate completion of work within timeframes and quality requirements, share own expertise with others and guide and mentor less experienced buyer employees.
• Record and maintain files/information in accordance with requirements.
• Design and implement secure enterprise, cloud and network architecture in line with ISM and Essential Eight.
• Develop and maintain security reference architecture ensuring alignment with organisational strategies and Australian Government standards.

As part of the services, the seller must ensure the specified personnel:

• Maintains currency in information technology processes and technical knowledge through ongoing professional development.
• Establishes and maintains effective business relationships and professional networks.
• Contributes to and implements improved ICT practices and procedures.
• Works effectively in a small team environment, and wider Command environment.

Essential criteria

1.Solution 1 The extent to which the potential supplier's response meets the requirements as set out in the ATM documents. 3+ years' experience as an Information or Security Specialist. Demonstrated knowledge and experience in Cyber security requirements and frameworks, including Information Security Manual (ISM), Essential Eight, and Protective Security Policy Framework (PSPF). This should be complemented by a thorough grasp of security assessment methodologies, risk evaluation processes, and modern network architectures. Experience in participating in or reviewing end-to-end technology solution designs. Experience in creating ICT Security certification and accreditation documentation Experience in SME/advisory services to ICT Programs/projects. Knowledge of ICT governance and operational documentation requirements in a federal government context. Demonstrated experience in conducting comprehensive risk assessments and threat modelling, transforming complex technical findings into clear business implications.

2.Solution 2 Expertise in vulnerability assessment and data analysis, to successfully manage intricate security challenges with strategic thinking and practical solutions. Certification knowledge encompassing various industry standards and requirements, backed by extensive experience in audit processes and documentation. Strategic mindset that aligns security measures with organisational objectives. Strong stakeholder management capabilities to enable effective communication across all levels of an organisation. Commitment to continuous learning and professional development. Design and implement secure enterprise, cloud and network architecture in line with ISM and Essential Eight. Develop and maintain security reference architecture ensuring alignment with organisational strategies and Australian Government standards.

3.Ability to deliver The extent to which the potential supplier demonstrates its capability and capacity to provide the requirements. Proven ability to work independently or as part of a Program/Project team . Excellent verbal and written communication skills, strong attention to detail, and skilled at prioritisation and multi-tasking. Ability to adhere to standards and practices. Ability to gain and maintain necessary clearance. Sellers ability to provide replacement personnel when required. Sellers ability to provide expert advice and support to identified personnel. Demonstrate how resources will maintain contemporary knowledge of IT commercial environment.

If you would like to apply for the above role, then please send your
updated CV
with
Cover Letter
to