1300 4 INDEX
BO04 Security Manager / Security Project Manager - Joint Project 9101 Manages, liaises and coordinates all cyber and security requirements for the Project. The EDHFCS will require network security monitoring, ICT and physical security accreditation. Joint Project 9101 MUST HAVE a NV-1 Clearance or above
Delivering management, technical and administrative services to implement security controls and security management strategies

MUST HAVE  NV-1 Clearance or above

  • This role will require the facilitation of security and cyber worthiness working groups for system/capability stakeholders to inform/report the technical and non-technical security status of the systems
  • PSPF, DSPF and ISM experience with a deep understanding of the Defence ICT, EMSEC and Physical Certification and Accreditation (C&A) process.
    • IRAP or other security certifications including the CISSP, CISM, CISA or CRISC will be a plus, but not essential.
    • You are required to provide ad hoc security advice and support as required within the Strategic High Frequency Communications (SHFC) capability and Joint Project 9101
  • Project related functions:
  • Project Security strategies, plans, Schedules, and estimates
  • Project Security documentation
  • Advice on project implementation and project activities for Security deliverables
  • Briefings, workshops, and presentations
  • Reports generation
  • SFIA – 2.6 Systems and Software Engineering – System Security
  • The Service Provider shall provide system security services requiring a combination of technical security and managerial expertise. The required services may include:
  • Conduct capability and concept development in context with
  • Technical security
  • Conduct security requirements analysis and development
  • Conduct security design and implementation
  • Conduct V&V
  • Conduct security certification/accreditation and support
  • Plan and deliver engineering services, regulatory compliance, Resource management and project outcomes
  • Conduct reviews of contract deliverables
  • Security engineering services
  • Design documents and specialist engineering reports
  • Plans and reports
  • Security requirements, plans, procedures and reports
  • Security V&V plans, and procedures
  • Hazard analyses and reports
  • Contract documentation, plans, and reports
  • Services are to be provided by personnel holding tertiary qualifications in a relevant computer science, networking, engineering, or a related field, and experience in, and practical knowledge of, security management, as defined by the Defence Security Manual and other the Defence security policies
  • Services are to be provided commensurate with relevant Australian and International Standards, regulations and Defence requirements
  • Service providers are to employ industry best practice when undertaking
  • the Services

·       Information security: Level 3

  • Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Takes action to respond to security breaches in line with security policy and records the incidents and action taken.
  • Level 3 attributes:
  • Autonomy
  • Works under general direction. Uses discretion in identifying and responding to complex issues and assignments. Receives specific direction, accepts guidance and has work reviewed at agreed milestones. Determines when issues should be escalated to a higher level.
  • Influence
  • Interacts with and influences colleagues. Has working level contact with customers, suppliers and partners. May supervise others or make decisions which impact the work assigned to individuals or phases of projects. Understands and collaborates on the analysis of user/customer needs and represents this in their work
  • Complexity
  • Performs a range of work, sometimes complex and non-routine, in a variety of environments. Applies methodical approach to issue definition and resolution
  • Knowledge
  • Has a sound generic, domain and specialist knowledge necessary to perform effectively in the organisation typically gained from recognised bodies of knowledge and organisational information Demonstrates effective application of knowledge. Has an appreciation of the wider business context. Takes action to develop own knowledge
  • Business skills
  • Demonstrates effective communication skills
  • Plans, schedules and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards and procedures
  • Contributes fully to the work of teams. Appreciates how own role relates to other roles and to the business of the employer or client
  • Demonstrates an analytical and systematic approach to issue resolution
  • Takes the initiative in identifying and negotiating appropriate personal development opportunities
  • Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work

 

    Apply now.

    Please fill in your details to complete the job application.