Assistant Director, Cyber Risk and Assurance
Parliament of Australia
  • Location: Canberra, ACT
  • Salary: Not disclosed
  • Full-time
  • 24 February 2021
Job Description

Who we are looking for?

The Parliament of Australia is the legislative branch of the government of Australia. The Department of Parliamentary Services’ (DPS) Information Services Division is responsible for the effective and secure operation of Parliament House’s state-of-the-art digital network and computing environment, which underpins the operation of the Australian Parliament.

Recent events demonstrate the increasing prevalence of malicious cyber activity targeted at the political and democratic process in a number of countries. In support of the Australian Parliament, we regularly defend against, and prepare for, a range of cyber threats, including hacktivism, cybercrimes, cyber-attacks, cyber espionage and cyber warfare. To bolster our cyber capability we are seeking talented and motivated individuals to join our growing team to protect this critical national institution.

As a member of a small team, you will work to uphold the integrity of Parliament House’s digital network and computing environment, and collaborate with a range of domestic cyber agencies as well as international partners representing the parliaments of the Five-Eyes intelligence alliance, which comprise Canada, New Zealand, the United Kingdom, and the United States.

The Assistant Director, Cyber Risk and Assurance is a member of the Governance, Risk and Compliance section of the APH Cyber Security Branch. The successful applicant will have extensive experience in ICT Risk Management practices and the conduct of certification and accreditation processes in support of the Protective Security Policy Framework. The Assistant Director, Cyber Risk and Assurance will also assist the Director, ICT Governance, Risk and Compliance (the DPS ITSA) to develop security assessment reports (otherwise referred to as Certification Reports) to assist in the secure on-boarding of ICT systems for DPS.

The successful candidate will have an understanding of cyber security and risk management in a federal government agency and will have a demonstrated ability to develop and conduct certification and accreditation of ICT systems. The position will require communication and collaboration skills and the ability to work effectively with members of multi-disciplinary teams.

If you believe that you are a good fit for DPS, what we are looking for, and have the requisite skills, talent and aptitude to play a part in designing and delivering solutions to help in defending our national democracy against current and future cyber threats, we would like to hear from you.

Eligibility, qualifications and Job Specific Requirements

The successful applicant will be required to obtain and maintain a Negative Vetting 1 (Confidential/Highly Protected/Secret) security clearance.

DPS welcomes applications from Aboriginal and Torres Strait Islander people, mature age people, people from diverse backgrounds and people with a disability.

Mandatory:

  • A comprehensive knowledge of the standards which govern the security of government ICT systems as detailed in the Australian Signals Directorate publication, the Australian Government Information Security Manual (ISM).
  • A comprehensive knowledge of the Protective Security Policy Framework as developed by the Attorney-General’s Department.
  • Practical experience in the conduct of technical assurance activities, in particular, IRAP audits.
  • Demonstrated experience in the application of risk management techniques to ICT systems.
  • Experience with technical vulnerability management and vulnerability management tools.

Desirable:

  • Tertiary and/or industry qualifications applicable to the role.
  • Highly developed written skills and a good degree of independent problem solving, sound judgement and critical thinking when working on complex tasks.
  • Experience working in federal government agencies would be highly regarded.
  • Experience in other skill areas of the information technology industry would be highly regarded.

How to apply

Please upload a one page response and current CV describing how your skills, knowledge and experience make you the best person for this job, based on the duties, qualities, and selection criteria outlined below.

Your application is a chance to tell us why you are the right person for the job. We want to know why you want to work at DPS, why you are interested in the role, what you can offer us, and how your skills, knowledge, experience and qualifications are applicable to the role.

If proof of qualifications, licences or certificates is required as part of the application process, please incorporate these documents into your resume or within your applicant response before you submit your application.

Closing Date

Applications must be submitted by 11:30pm AEDT, Friday 5 February 2021.

Salary

Currently, the salary range for this position is $103,329 - $117,977 per annum.

Duty Statement

  • Classification: PEL 1
  • Employment Type: Ongoing
  • Position No.: 00139562
  • Local Title: Assistant Director, Cyber Risk and Assurance
  • Branch: Cyber Security Branch
  • Immediate supervisor: Director, ICT Governance, Risk and Compliance
  • Security assessment: Negative Vetting 1 (Confidential/Highly Protected/Secret)

1. Drive, manage and coordinate cyber security assurance activities in accordance with department ICT Security Accreditation and Certification standards which are based upon Accreditation and Certification standards found in the Protective Security Policy Framework.
2. Coordinate and manage internal resources, and provide advice and guidance to key stakeholders, to ensure the development and delivery of system risk management plans, system security plans and other supporting security artefacts as part of the ICT Security Accreditation standard.
3. Proactively engage with technical and business stakeholders to ensure the timely delivery of security assurance outcomes.
4. Manage ongoing assurance activities to ensure digital products and capabilities remain secure for ongoing use throughout the Australian Parliamentary Organisation.
5. In consultation with system owners, develop, prepare, maintain and present vulnerability management plans and utilise internal vulnerability assessment tools and techniques to manage vulnerabilities out of the APH Information Environment.
6. Identify, synthesise and report on all-source intelligence feeds in support of intelligence assessment and reporting duties of the Cyber Security Branch.
7. Maintain and proactively report on the ICT Security Risk Register.
8. Promote and maintain a safe, healthy and collaborative environment that exhibits a professional level of conduct.
9. Other duties as directed.

Selection Criteria

Applicants must address the following selection criteria in their claims against the position (no more than 1 page):

1. Experience in the conduct and successful delivery of certification of systems within the context of Government security standards, including:
   a. Preparation for IRAP assessment,
   b. Conduct of IRAP assessments,
   c. Security evaluations for Federal Government Departments, or
   d. Security evaluations for vendors providing services to Federal Government Departments.
2. Knowledge and experience in the application of the ISO31000 risk management family of standards within the context of ICT systems.
3. Organisational and analytical skills of a high order with demonstrated experience in work prioritisation, dealing with competing requirements/workloads.
4. Experience in preparing a range of written materials including security plans, assurance documentation and reports to key cyber security stakeholders in a Government context, demonstrated by excellent written and verbal communication skills.
5. Proven ability to elicit information and/or high-level requirements from customers and stakeholders in order to collaborate on desired outcomes and demonstrated ability to translate these requirements into certification scopes, and determine applicability of control sets.
6. Demonstrated experience motivating a team to achieve strategic outcomes and collaboratively working to engage and enlist resources across multiple teams.
7. Demonstrates personal resilience and flexibility to deal with ambiguity and a challenging environment.

Employees of DPS are required to be able, and to be seen to be able, to provide professional advice and services to all Senators and Members without favour or prejudice.

Contact Person

  • Name: Mitch Riley-Meijer
  • Phone Number: 02 6277 5461
  • Email: mitchell.riley-meijer@aph.gov.au

Working at Department of Parliamentary Services

DPS recognises and values the contribution that our diverse workforce makes and in return offers great benefits. These include a competitive salary, onsite free parking and gym facilities, a wide range of professional development opportunities so you can take your career further, and all of this in a friendly and supportive environment. Conditions of service are in accordance with the DPS Enterprise Agreement.

If you think this role sounds like you and you’d like to work in a friendly, high quality team then DPS welcomes your application.

Conditions of Employment

The Parliamentary Service Act 1999 provides for mobility between the Australian Public Service and the Parliamentary Service. Employment opportunities in the Parliamentary Service may be subject to a range of conditions of engagement including:

  a) Australian citizenship
  b) criminal history check and security clearances
  c) possession of mandatory qualifications for certain jobs
  d) health clearance, and
  e) probation period of 6 months

Australian Citizenship

Under section 22 of the Parliamentary Service Act 1999, employees of the Parliamentary Service are generally required to be Australian citizens. If you are not an Australian citizen, you may still be considered for engagement on the condition that you are able to gain Australian Citizenship within a specified time. Failure to obtain citizenship within the timeframe could lead to termination of engagement.

Redundancy

If you have accepted a redundancy benefit, within the previous twelve months, from a Commonwealth employer (including the Parliamentary Service and the Australian Public Service), you cannot be employed by DPS until your exclusion period (the number of weeks for which you received a redundancy benefit) has expired. If you would like to discuss your eligibility, please contact HR Services on telephone (02) 6277 5200.

Advice to Applicants

Your application is a chance to tell us why you are the right person for the job. We want to know why you want to work at DPS, why you are interested in the role, what you can offer us, and how your skills, knowledge, experience and qualifications are applicable to the role. In a nutshell – why should we hire you? Try not to duplicate information that can already be found in your resume, but do highlight any specific examples or achievements that will demonstrate your ability to perform the role.

If you are unfamiliar with applying for APS jobs, the Australian Public Service Commission’s fact sheet on applying for jobs may be useful: Applying for an APS Job: Cracking the Code

Some of DPS’s selection criteria are generic and are based on the Australian Public Service Commission’s Integrated Leadership System (ILS). Applicants will be expected to demonstrate how they would apply these skills to the requirements of the job as described. The Australian Public Service Commission’s ILS Leadership Pathway identifies and describes leadership capabilities at all classification levels.

Supporting Documents

    NONE

  • Industry:
    Board, Senior and General Management