Senior Cyber Security Assurance Risk Analyst
Senior Cyber Security Assurance Risk Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description
Senior Cyber Security Assurance and Risk Analyst
- Fed Gov aviation sector
- Brisbane Airport WFH 3 days in office) free onsite parking
- Australian Citizenship and the ability to obtain an NV1 Security Clearance are required.
Reporting to the Cyber Security Design and Assurance Lead you will be responsible for providing expert support for delivering enterprisewide security governance capability and developing efficient and streamlined associated methodologies and processes.
As the Senior Cyber Security Assurance and Risk Analyst you will provide operational support in delivering Cyber Security governance risk assurance audit and compliance to ensure that the Cyber Security strategic objectives are achieved and that information resources are secured effectively from threat while enabling the business to operate effectively.
This role will require close collaboration with other major areas in the Cyber Security team assisting in achieving Cyber Resilience. Working with the business you will use your experience and skills to provide security advice to help develop manage and maintain effective environmental controls.
Responsibilities:
- In this role youll be a credible source of expert information and provide expert cyber security advice to stakeholders to assist them acquit their security assurance and risk management accountabilities.
- Establish build and maintain highly effective working relationships with internal and external stakeholders.
- Understand the Information Security Risk and control environment within the context of strategic and Organisational objectives.
- You will manage risk and assurance outcomes through the GRC and CIRRIS toolsets.
- Assist broader Stakeholders understand the control environment in order to manage systems under their control effectively within the security landscape.
- Manage and produce quality reports and advice on control effectiveness.
- Assist programs of work through the certification and accreditation process.
- Provide specialist cyber security assurance and risk management advice.
- Preparation and/or validation of Security Requirements for RFQ / RFI usage.
- Participate as security SME on RFQ/RFI panels.
- Work with program teams to ensure alignment with security standards.
- Attend Change Advisory Board meetings as the security representative.
- Assist with preparing statements of work for acquiring panel resources to meet security requirements (e.g. developing System Security Plans Statements of Applicability security risk assessments and others as required).
- Perform quality control of vendor securityrelated deliverables.
- Assist in the maintenance of information security standards.
To be successful in this position it is expected that you will have the following:
- Solid skills and experience in providing cyber assurance and risk management services in a highpaced complex enterprise.
- Industryrecognised qualifications in at least one of the following or similar are essential:
- CISSP Certified Information Systems Security Professional
- CISSP ISSAP ISSEP ISSMP
- ICS410: ICS/SCADA Security Essentials
- CISA Certified Information Systems Auditor
- CRISC Certified Risk and Information Systems Control
- CGEIT Certified in the Governance of Enterprise IT
- Formal Industry or academic qualifications in an Information Communications Technology (ICT) discipline or Cyber Security are highly desirable.
- Understanding cyber risks and the ability to provide effective advice on security controls in traditional ICT and operational technology (OT) environments.
- Ability to translate technical security issues through a business lens.
- Demonstrated experience in cyber assurance functions focusing on risk analysis and alignment to government and industry cyber standards.
- Understanding of IT Security Management principles and delivery within an ITILbased operational framework.
- Good written and verbal communication skills including presentations and reporting.
- Strong soft skills in negotiation prioritisation and time management.
- Experience in supporting the business with cyber security advice using a riskbased approach.
- Working Knowledge of Risk Management and its application in an information security context.
- Review and contribute to security assessments by considering business criticality information sensitivity and security objectives.
- Understanding of: NIST 80039 Managing Information Security Risk and
- NIST 80037 Risk Management Framework for Information Systems
- A proactive approach to customer issues and problem resolution.
- Ability to build and maintain effective working relationships and engage with key internal and external stakeholders at all levels.
- Sound research analytical conceptual and problemsolving skills including the proven capacity to initiate operational responses to key issues affecting a system.
- Ability to set clear objectives and monitor outcomes.
Eligibility:
- Australian Citizenship and the ability to obtain an NV1 Security Clearance are required.
Work From Home Policy:
- Hybrid 3 days in office) free onsite parking
Rate:
- Up to $142000 pending experience 14 superannuation
Apply now.
- For more information contact Iain on
Required Experience:
Senior IC
Employment Type
Full-Time
