Security Advisor for IT Services - CSIRO - ExecutiveCareer

First listed on: 07 November 2022


Acknowledgement of Country

CSIRO acknowledges the Traditional Owners of the land, sea and waters, of the area that we live and work on across Australia. We acknowledge their continuing connection to their culture and pay our respects to their Elders past and present.

The Opportunity

  • Outstanding opportunities to grow & develop your career
  • Flexible work arrangements
  • Highly collaborative work environment

CSIRO is looking for a motivated security professional to join the Cyber Security Resilience team as a Senior Cyber Security Advisor to provide security assurance and security advisory expertise to protect CSIRO’s valuable digital assets and reputation.

The candidate will have experience across a range of industries and can provide practical security advice and quality deliverable outputs to the organisation, through positive collaborative engagement with key stakeholders.

The role will be primarily focused on supporting the IT Services Programs in the Information Management and Technology Business Unit. IT Services designs and builds CSIRO’s networks, maintains the organisation’s directory services, video conferencing and collaboration systems, deploys the organisation’s endpoints and provides the service desk capability. IT Services is running a large work program that is implementing improvements and modernising the foundation infrastructure upon which all of CSIRO’s systems run. Underpinning the program is a desire for staff to have seamless, secure access to tools, systems and processes that back the delivery of world-class science. The size of the work program requires dedicated attention from a cyber security resilience perspective to assure the security of the systems from the ground up.

Your duties will include:

  • Lead and provide general security guidance (e.g., initiate discussions to support security activity project planning) to the programs;
  • Develop security risk assessments to identify and assess the security risk posture of a solution and identify the key applicable treatment recommendations;
  • Manage and/or perform security reviews of CSIRO vendors’ security maturity in order to identify possible supply chain security risks and advise on any possible security risk mitigations;
  • Perform contract reviews to improve the security within a contract when engaging third parties, and to identify potential security issues and make recommendations when security obligations are being set for either party within a contract;
  • Lead and/or perform gap assessments of solutions and provide recommendations that would help guide those solutions to meet their intended target state, or to meet specific security best practices and standards;
  • Lead and/or perform compliance audits on a solution against common cyber security best practices and standards.

Location: Sydney (Lindfield), Melbourne (Clayton), Canberra (Black Mountain), Brisbane (St Lucia)
Salary: AU$120k - AU$140k plus up to 15.4% superannuation
Tenure: Indefinite
Reference: 90299

To be considered you will need:

  1. Demonstrated experience in the development and delivery of security business requirements that meet security compliance requirements (e.g., ISO 27001, Australian Government Information Security Manual (ISM)), best practice standards (e.g., NIST frameworks and special publications), and/or risk-based needs;
  2. Demonstrated experience in the definition, design, and assisting in the implementation of appropriate controls to mitigate against the risks of cyber-attacks and mitigate vulnerabilities across digital services and enterprise applications;
  3. Demonstrated experience in scoping and conducting security assessments of new on-premises and cloud-based systems, applications, and changes that affect the security posture of a solution;
  4. Demonstrated experience in the analysis and resolution of complex technical and cyber security issues;
  5. Demonstrated experience in the development, uplift, maintenance, and continuous improvement of new and existing team security capabilities;
  6. Relevant certificates in cyber security (e.g., CISSP, CISM, CRISC, SABSA, etc.).

For full details about this role please review the Position Description

Eligibility

Applications for this position are open to Australian Citizens only

Appointment to this role is subject to provision of a national police check and the ability to obtain and maintain a security clearance at the NV1 level

CSIRO requires proof of vaccination against COVID-19 as a condition of entry to all CSIRO locations. Please be advised you may be asked for proof of vaccination as part of the recruitment process.

Flexible Working Arrangements

We work flexibly at CSIRO, offering a range of options for how, when and where you work. 

Diversity and Inclusion

We are working hard to recruit people representing the diversity across our society, and ensure that all our people feel supported to do their best work and feel empowered to let their ideas flourish. 

About CSIRO

At CSIRO, Australia's national science agency, we solve the greatest challenges through innovative science and technology. We put the safety and wellbeing of our people above all else and earn trust everywhere because we only deal in facts. We collaborate widely and generously and deliver solutions with real impact.

Join us and start creating tomorrow today!

How to Apply

Please apply on-line and provide a cover letter and CV that best demonstrate your motivation and ability to meet the requirements of this role.

Applications Close

27th of November 2022, 11:00pm AEDT

Shortlisting for this role will take place as applications are received. 

Please consider applying ASAP