1 x Director Cyber Security – Greenway, ACT

⁠⁠⁠About the NDIA
The National Disability Insurance Agency (NDIA) is an independent statutory agency that is responsible for implementing the National Disability Insurance Scheme (NDIS), which will support a better life for hundreds of thousands of Australians with a significant and permanent disability and their families and carers. The NDIA values a positive contemporary attitude to disability.

As a Federal Agency, we work within a legislative and regulatory environment. We adhere to the Australian Public Service Code of Conduct as set out in section 13 of the Public Service Act 1999.

Our work is driven by the Corporate Plan which provides strategic direction to achieve our purpose of making a difference so that people with disability can choose and achieve their goals.
The NDIA Values are:

Our values reflect our passion and commitment to building a positive, participant-centred culture.

About the Team

The Protective and Cyber Security Branch are responsible for implementing the requirements of the Protective Security Policy Framework within the Agency. They provide strategic oversight of Protective Security across Security Governance, Information Security, Personnel Security and Physical Security.

Cyber contributes to the success of the Scheme by offering pragmatic, risk based advice on the secure and reliable operation of information technology systems.

About the Role
The EL2 Director Cyber Security is an important team leadership position within the NDIA and will have delegated authority and responsibility to resolve issues and risks across wide-ranging activities of substantial depth involving significant detail.

Leading a small team, the role is responsible for the delivery and administration of Cyber Security Risk Management for NDIA to ensure risks are identified, assessed and managed in accordance with the Agency's risk management strategies.

The position also acts as the Deputy Chief Information Security Officer (CISO), with a focus on delivery of the strategic intent of Cyber security including mitigation of identified cyber risk to the NDIA.

The EL2 Director Cyber Security will apply a significant understanding of the functions to provide high level of advice to senior management, Executive Leadership Team and NDIA Board. It is responsible for influencing and developing strategy, policies, priorities and operational practices in support of the NDIA’s objectives to “build a world-leading National Disability Insurance Scheme”.
Responsibilities

The EL2 Director Cyber Security is responsible for:

• Develop and set up the Cyber Strategy for the Agency, including specific cyber polices and approval processes such as ATO;
• Ensure that the Agency meets all legal and regulatory for Agency Information Technology security, including remaining up-to-date with amendments to the Information Security Manual (ISM) and PSPF;
• Conducting oversight of policies and procedures;
• Engaging with relevant counterparts in Services Australia and/or other external entities regarding ICT Security Operations matters
• Provision of advice and guidance to the CSO and CISO on cyber trends, most likely and dangerous threats , applicable security controls and standards;
• Undertaking the role of the Deputy CISO as NDIA’s Certification Authority (CA) to certify that a system complies with prescribed information security controls and guidelines based on the assessment completed by security assessors;
• Oversight and Review of Risk Assessments;
• Completion of the full Authority to Operate process and documentation;
• Develop the Cyber Team’s individual and collective capability through provisioning of the following:
• An Individual Development Plan for each Cyber Team member
• Collective capability development through Cyber training
• Develop a leadership capability for future technical leadership roles across the Agency.
(NOTE: the key responsibilities of the role are based on current priorities and may change over time)

Role Specifications
Please see below a list of the main physical and psychological work environment characteristics that an employee may encounter while performing the essential functions of this role.

Working environment
• working in an open office environment (exposure to general workplace chatter)
• working in a team environment
• managing demanding and changing workloads and competing priorities
• working alone
• significant periods of sitting at a counter or desk
• operating a telephone, computer
• computer/screen based work
• requirement to read or otherwise extract information from printed material/signage
• attending meetings for extended periods
• exposure to noisy conditions
Information Technology and Security
• Australian Government Security Vetting Agency (AGSVA) clearance
• computer/software applications - Microsoft Office computer based work
• ability to access and use client records management system (CRM) and associated NDIA business applications
Where possible, the NDIA will make reasonable adjustments to enable individuals with disabilities to perform the essential functions of the role.