Cyber Security Specialist
Quick Overview
Job Description
The Cyber Security Specialist independently applies advanced cyber security principles, standards and practices while working collaboratively across a multi-discipline team to ensure our products are suitably engineered to meet expected cyber and security threats throughout their lifecycle. This role develops and implements security measures, drafts and maintains compliance documentation, and works with the customer on achieving cyber security compliance requirements. It requires experience in cyber security practices and a strong understanding of security protocols, enhancing the organisation's security posture under guidance from the Senior Cyber Security Specialist.
Responsibilities- Provide specialist input to all stages of the systems engineering and product design processes, ensuring that secure by design principles and security controls contained within the ISM and DSPF are incorporated into the system (requirements, design, build and test). Conduct comprehensive testing and verification of applicable ISM and DSPF cyber security controls that are implemented into the system design (verification testing, not penetration testing).
- Write reports based on the Objective Quality Evidence to support verification of the cyber security controls as part of the overall V&V program.
- Draft and release applicable System Security Documentation IAW Commonwealth Cyber Security Assessment and Authorisation (CSAA) framework.
- Support the accreditation effort on behalf of IPL project teams, working with the Project Management Team, Commonwealth and security assessor to remediate any POAM action items.
- Provide advice to the engineering team on proposed configuration changes (including patching) and their impact on system security and accreditation.
- Identify, assess and mitigate Cyber Security Risks on the system, develop and update risk assessment documents and registers, and stay abreast of new vulnerabilities that arise through vendors and ACSC alerts.
- Work with end users to ensure security design features are suitable to allow the system to meet operational needs whilst still complying with the rules outlined in the ISM and DSPF.
- Essential: Tertiary qualification in Computer Science, Information Technology, Cyber Security, and six or more years' related work experience, or an equivalent combination of education and experience.
- Knowledge of security tools and technologies, including Standard Operating Environments (SOE), Tactical Data Links, SATCOM, and encryption methods (at rest, TLS, Digital Signatures and sanitisation methods).
- Strong working knowledge of Australian Defence security frameworks, Australian Signals Directorate (ASD) Australian Cyber Security Centre (ACSC) Information Security Manual (ISM) and the Defence Security Principles Framework (DSPF).
- Australian Citizen who currently holds or is eligible for Australian Security Clearance to NV1 level.
- Experience with the following System Security Documentation:
- System Security Plan and Annex
- Security Risk Management Plan
- Cyber Security Standard Operating Procedures
- Incident Response Plans
- Patch Management Plans
- Continuous Monitoring Plans
- SCCG
We are an equal opportunity employer. We do not accept unlawful discrimination in our recruitment or employment practices on any grounds including but not limited to race, color, ethnicity, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military and veteran status, or other characteristics covered by applicable law. We welcome applications from candidates with disabilities and encourage applicants to share with our recruitment team any accommodations required during the recruitment process.
Skills
Similar jobs
Journeyman Cyber Security Engineer (Splunk/TS) - USSOCOM EDAT Zero Trust
Kentro · Tampa, United States
7 minutes agoJourneyman Cyber Security Engineer (Splunk/SIPR) - USSOCOM EDAT Zero Trust
Kentro · Tampa, United States
39 minutes agoProduct Security Analyst (Mid-Senior) with Security Clearance
Boeing · Seattle, United States
1 hour ago$148.8k - $201.3k/yrSenior Splunk Cyber Security Engineer
MANTECH · Chantilly, United States
1 hour agoCyber Security Engineer
DCV Technologies · Stenigot, United Kingdom
1 hour agoInformation Security Analyst, Vulnerability Management
Bet365 · Manchester, United Kingdom
1 hour ago