Cyber Security Manager - Governance, Risk & Compliance
- Canberra ACT, Australia
- Job Type: Permanent
Our name isn’t the only thing that’s unique about Leidos Australia. We’re a complex systems integration company building world-class solutions across government and Defence that ensure peace of mind for the entire nation. Supported by global backing from our US network, we’re trusted by our customers to deliver the most innovative answers to their most complex challenges. Seriously interesting work that benefits and safeguards every Australian. That’s where you come in.
Your New Role
We have a great opportunity to work on high profile, complex projects for the Department of Defence. These projects vary in nature so this is your opportunity to make your mark, and work with highly skilled teams that are leaders in their respective fields.
As a Security Architect you will be responsible for managing the security design leading to accreditation and certification of software systems. It is a governance heavy role, in which you will need to:
- Develop, implement and maintain security governance, including security frameworks, policies, and standards, in accordance with ISM and DSPF
- Develop, implement and maintain the Security Risk Management Plans (SRMPs) and SSPs supporting certification and accreditation for major projects being delivered
- Develop certification and conformance evaluation criteria to ensure successful system acceptance
- Maintain and improve the system security documentation package
- Liaise with service delivery areas, client management, Project Management and client security areas to ensure security processes are appropriately designed, effective and implemented
- Conduct routine audits to validate the certification and conformance readiness state to achieve System Certification and Accreditation
- Lead identification, implementation and review of the full range of I&A measures to ensure certification and accreditation is maintained in a complex environment
- Engage with key stakeholders for effective Cyber Governance and security outcomes across all environments
- Act as a risk practitioner for ICT systems and represent the organisation in key cyber risk management forums.
About You and What You'll Bring:
A Bachelor's degree or higher in software engineering, computer science or a related discipline, together with substantial relevant professional experience and specialised training, will be highly regarded. Relevant certifications or professional membership would be desirable.
- Substantial professional experience with security architecture, certification and accreditation across ICT program delivery
- Technical background with an understanding of commonly deployed security tools, networks and operating systems (EPP, HIPS, Firewalls, SIEM, Wintel/Unix, virtualisation) in a Government context
- Experience in Government information assurance requirements including the Australian Government Information Security Manual (ISM) and Defence Security Principles Framework (DSPF)
- Familiar with security frameworks and standards (PSPF, ISM, ISO27k, NIST)
- Knowledge and exposure to systems and enterprise architecture, systems engineering, software and ICT engineering and interface protocols
- Current IRAP or desire and ability to become an IRAP Assessor
- Experience working on large, complex ICT projects and in Defence ICT.
This role requires the successful applicant to hold an NV1 Australian Government Security Clearance and be eligible to upgrade to NV2.
What You'll Love
As a business we are focusing on setting people up for growth and success, so individuals can develop specialist skills and make significant contributions whilst broadening their experience within the cyber security field. If this sounds like you and you have the right attitude coupled with the willingness to challenge yourself and want to lead a team delivering capability for government – apply today.