IT Security Advisor
6 Month Contract
Digital Transformation Project
We are currently seeking an IT Security Advisor to support a large program of work for an Australian Government client.
In particular, the ITSA team will:
- Provide subject matter expertise and thought leadership in establishing, governing and managing information security activities within the program
- Report directly to the Information Security Officer to provide guidance and advisory services, including security controls, information security training, legislative requirements and ISM / PSPF control implementation advice
- Conduct security audits and reviews, and lead the design and operation of compliance monitoring and improvement activities
- Conduct liaison with external stakeholders, including technical teams, business owners and delivery stream leaders to meet IRAP accreditation needs
- Evaluate security policy and legislation to ensure any changes are reflected in security documentation and awareness material
- Develop and manage security programs, policies and standards
- Develop and document policies and communications material for new security initiatives, sub-projects and regulatory changes
- Participate in risk assessment working groups and work with other security managers to continuously improve the effectiveness and efficiency of the security program
- Identify, develop and implement Information Security processes, standards and policies aligned with the Australian Government Information Security Manual and Protective Security Policy Framework
- Work closely with stream leads to ensure the application of security controls meets business requirements and aligns to the Security Risk Management Plan (SRMP), Information Security Policy (ISP), Commonwealth Data Protection Plan (CDPP) and other appropriate policy documentation
- Work closely with internal business units to ensure operational adherence to the overall Information Security governance framework
- On-going auditing, monitoring and improvement of security controls
- Provide guidance, education and training to ensure Information Security control adherence and compliance (people, processes and technology)
The ITSA must have a detailed knowledge of agency-specific and Australian Government protective security policy, principles and minimum standards, and be provided with the opportunity to maintain and expand this knowledge.
WHAT YOU'LL BRING
- Minimum of five years of experience in Information Security, audit, assurance, governance, risk or compliance
- Experience in developing and administering an information security program (desirable)
- Senior level experience in Information Security and a sound understanding of information security principles, governance, policies and standards
- Appropriate technical knowledge to make informed decisions about business risks and vulnerabilities
- Capable of interpreting, implementing and maintaining quality standards required by ISM and other technical and legislative requirements when developing documentation
- Must show an aptitude for attention to detail and an analytical approach to problem solving
- Very good interpersonal and communication skills
- Ability to produce high quality written materials
- Self-motivated with the desire to work in a fast-paced environment
- Ability to build effective relationships with a diverse range of people and to participate in effective teams
- Approaches challenge enthusiastically with a 'can do' attitude
- Ability to work collaboratively with multiple internal stakeholders
- Ideally, the ITSA will be industry certified in CISSP, CISM, MS or equivalent certifications. The ITSA will have extensive understanding of real-world offensive and defensive techniques.
The successful applicant will meet the requirements of and obtain an Australian Government Security Vetting Agency NV1 (negative vetting 1) Security Clearance - must be an Australian citizen.
Please submit your details for immediate review.
Salt is acting as an Employment Business in relation to this vacancy.