CASA 20/199 – 1 x IT Security Officer
Tender ID: 456512
Tender Details
Tender Description
This Tender is invited by the Issuer.
Note - This opportunity has been sent to selected suppliers only. Should CASA require other/further/new submissions CASA will make direct contact. Unsolicited emails will not be answered.
Reporting to the Director, IT Security and Cyber Risk, the ITSO will work within the CASA IT Security team supporting the ongoing security administration and management of cyber security risk within the Authority.
The successful applicant will be required to implement Australian Government Security requirements and standards including, but not limited to the:
• Information Security Manual (ISM);
• Essential 8;
• Protective Security policy Framework (PSPF); and
• Australian Privacy act 1988.
The individual will also need to become familiar with better practices and standards that relate to cyber security including, but not limited to:
• ISO/IEC 27001 Information security management and related standards;
• Technical frameworks and standards including MITRE (ATT&CK and CVE) and OWASP (secure development and Top 10) and Open Source Security Testing Methodology Manual (OSSTMM);
• NIST security standards including the Cybersecurity Framework and SP 800 series; and
• ISO 31000:2018, Risk management – Guidelines, provides principles, framework and a process for managing risk and related standards.
In addition to the above, the specified personnel will be responsible for the following tasks:
a) Performing ongoing operation and administration of key security and monitoring systems.
b) Conducting security assurance audits and reviews and communicating results to the ITSA.
c) Assisting in the drafting and review of key security artefacts and accreditation documentation sets.
d) Reviewing and validating user access and permissions on key Authority systems against defined policies and procedures.
e) Reviewing, assessing and identifying vulnerabilities in Authority systems and processes.
f) Monitoring the ongoing security compliance and strength of controls (e.g. system patching) within the Authority.
g) Identifying and reporting on potential or actual security breaches within the Authority.
h) Assisting Authority staff and business units with the remediation of identified security issues.
i) Raising awareness of applicable information security policies and standards within the Authority.
j) Monitoring key Authority security processes such as change control and release management and reporting on unresolved security exposures, misuse of resources or Authority non-compliance.
k) Maintain effective relationships with CASA stakeholders and service providers.
l) Promote workplace safety, equity and diversity and participative management and environmental management practices in the workplace and act in accordance with CASA values and behaviours
.
The candidates provided must have the following skills:
Mandatory
a) More than one (1) year in an IT or security administration role.
b) Hands on experience with network protocols and appliances, Microsoft technologies including Active Directory and PowerShell, cloud technologies and reviewing of audit and monitoring logs.
c) Must be able to demonstrate the ability to problem solve and develop technical solutions to business problems.
d) The candidate must have a minimum Australian Government security clearance (BASELINE).
Desirable
a) Excellent verbal and written communication skills.
b) Excellent analytical skills.
Location
Based in Aviation House, Phillip, ACT the Resource must work (on average) 8 hours per day (40 hours per week) between the core hours of 8.00am and 5.00pm Monday to Friday.
Note: Non-Canberra based and Offsite will be considered at the discretion of CASA.
Location
Australian Capital Territory
Outside Australia
New Zealand : Auckland : Bay of Plenty : Canterbury : Chatham Islands : Gisborne : Hawke's Bay : Kermadec : Manawatu-Wanganui : Marlborough : Nelson : Northland : Otago : Southland : Subantartic : Taranaki : Tasman-Nelson : Three Kings : Waikato : Wellington : West Coast
Similar Tenders
Active opportunities matching this tender's categories and regions.