We are seeking an adaptable, analytical and a self-motivated candidate, who will work well in a fast-paced and complex environment, whilst managing competing priorities under the direction of Cyber Resilience leadership.The role will be primarily focused on supporting the CSIRO Enterprise Services Digitalisation (ESD) program. The Enterprise Services Digitalisation (ESD) program is a CSIRO initiative to identify opportunities within CSIRO’s Enterprise Services (ES) to embrace the use of digital technologies and information to improve business operations. Underpinning the program is a desire for staff to have seamless, secure access to tools, systems and processes that back the delivery of world class science.
- Perform contract reviews to ensure that CSIRO’s assets and services are contractually protected, and make recommendations to ensure that CSIRO can meet contractual security obligations set by either party;
- Perform gap assessments on a solution and advise on any gaps identified and actions required to meet the solution’s target state;
- Provide general security guidance (e.g., initiate discussions to support security activity project planning) to the ESD program;
- Perform security risk assessments to evaluate the security risk posture of a solution and identify, communicate, and when necessary present the key applicable security risks and mitigation recommendations;
- Perform security reviews of CSIRO vendors’ security maturity in order to identify possible supply chain security risks and advise on any possible security risk mitigations;
- Review and report on a solution’s security state of compliance; and
- Develop other security deliverables as directed.
- Demonstrated experience in conducting gap assessments of on premise and cloud-based solutions against various security standards (e.g., Australian Government Information Security Manual (ISM));
- A diploma or degree in Information Technology (IT) (or related field) or equivalent relevant work experience;
- Demonstrated experience supporting the delivery of Information and Communication Technology (ICT) projects and/or solutions;
- Demonstrated experience with security frameworks including ISM and/or NIST Cyber Security Framework (CSF); and
- Demonstrated experience in supporting multiple complex projects, ability to multi-task, and manage a number of competing priorities.
Vacancy Type: Full Time
Job Location: Brisbane, Queensland, Australia
Application Deadline: N/A