Job Information
CYOS Solutions Senior Cyber Security Architect in Remote, Australia
Application closing date: Friday, 27 September 2024 • 11:59pm, Canberra time (in Canberra)
Estimated start date: Friday, 01 November 2024
Location of work: ACT
Working arrangements: Candidates must work from Services Australia's offices in one of the identified locations a minimum of 2 days per week.
Length of contract: 12 Months
Contract extensions: 2 x 12 months
Security clearance: Must be able to obtain Baseline
Rates: $140 - $170 per hour (inc. super)
At Services Australia a Senior Security Architects is expected to operate with a significant degree of independence and work under the broad guidance of senior staff to deliver quality outcomes. Additionally, they will provide direction to other staff and take responsibility for delivering artefacts and outcomes for their discipline area.
They operate with a high level of autonomy, with decision-making highly dependent on their own judgement. Additionally, they identify and drive innovation, manage and lead change, and has an active role in contributing to and implementing the agency's strategic direction.
Services Australia is seeking a Senior Cyber Security Architect who will provide architecture services to design and develop a fully costed plan and business case to uplift Services Australia's (the Agency) cyber security posture, to appropriately protect significant quantities of sensitive and personal data from escalating cyber threats long-term. This includes a roadmap for implementation of cyber security requirements to reach Government agreed tolerance and risk appetite, that would uplift the Agency's cyber security posture developed consistent with the 2023-2030 Australian Cyber Security Strategy and Commonwealth Cyber Security Uplift Plan, to account for any Agency systems designated as a System of Government Significance.
The Senior Cyber Security Architect should have significant experience with designing and implementing contemporary information and cyber security principles such as secure-by-design and zero trust and represent the Agency in engagements with external stakeholders, including the Australian Signals Directorate, National Office of Cyber Security and the Digital Transformation Agency.
Key duties may include, but are not limited to:
Provide expert advice and guidance on contemporary security strategies to manage identified risks and ensure adoption and adherence to industry and mandated standards.
Conduct a comprehensive current state analysis of the cyber security arrangements in the Agency's ICT environment and provides recommendations on cyber enhancements needed to bring the future ICT landscape inline with best practice Cyber Security practices.
Contribute to the development of a fully costed cyber security uplift plan and business case to uplift Services Australias cyber security posture, to appropriately protect significant quantities of sensitive and personal data from escalating cyber threats long-term utilising contemporary industry best practices such as secure by design and zero trust.
Develop new architecture that mitigates the risks posed by new technologies and business practices.
Contribute to the development of a cyber security strategy and roadmap for implementation of cyber security requirements and practices to reach Government agreed tolerance and risk appetite that would uplift the Agency's cyber security posture developed consistently with the 2023-2030 Australian Cyber Security Strategy and target state for a future ICT Architecture.
Design the security solutions to support and align to the Agencys cyber security and business/ICT requirements.
Document, present and discuss the end-to-end security architecture and solution options, recommendations, implications, and facilitate and support the decision process.
Lead end-to-end cyber security solution analysis, design, integration, architecture, coexistence and migration.
Act as single point of contact to orchestrate the parties involved in complex security projects/programs from a technical and security architecture perspective.
Ensure adherence to technical security program scope through change requests, managing resources, and technical solution risks and issues.
Upskill Cyber Security Division staff through coaching, mentoring and succession planning.
Proactively share knowledge and expertise as the subject matter expert and provide assistance and mentorship to less experienced colleagues.
Drive innovation, continuous improvement, manage and lead change to cyber security systems and processes.
Oversee and prepare a range of technical documentation and reports to provide technical leadership to the cyber security projects and services including reviewing test plans and business verification where required.
Collaborate with a broad range of internal and external stakeholders to achieve cyber security project outcomes.
Oversee and direct the work of other staff within their stream as required.
Primary Technologies:
- Au-PDNS, Host-based Sensors (HBS), TLS, DMARC, Wintel, Other mid-range, ASDs Essential 8, Cloud, Zero Trust, ICT Networks, Windows and Linux Operating Systems, M204, SAP CRM.
Essential Criteria
Demonstrated experience undertaking cyber security architecture analysis, design and implementation that increases cyber security practices in an organisation.
Tertiary qualifications in Information Technology or a similar related field of study.
Desirable Criteria
Experience leading and undertaking current state analysis of Cyber Security arrangements in an organisation and providing recommendations on how to uplift ICT environments and Cyber Operations practices that improves cyber maturity.
Strong understanding of industry best practice Cyber Security technologies, practices and legislative frameworks that guides the design and implementation of cyber security process and technologies (such as the PSPF, ISM and NIST).
Demonstrated experience leading teams to develop ICT architectures, blueprints and roadmaps that articulate transformation needed to achieve future target states. Experience in Cyber Security domain is desirable.
Strong ability to develop and nurture productive relationships with key stakeholders and work collegiately with others as part of a multi-disciplinary team to achieve outcomes.
Strong communication and negotiation skills and the ability to influence stakeholders at all levels including senior executives and external agencies.
Ability to set direction and lead other resources as required to achieve target deliverables and outcomes.