1 x Cyber Specialist (Analyst) – Greenway ACT

⁠⁠⁠Position Purpose

The Office of the Chief Information Officer (OCIO) Division is primarily responsible for the management of technology related solutions within the Agency. This includes managing Shared Services Information and Communication Technology (ICT), the delivery of ICT projects in the Agency and the cyber security of the Agency.

The Protective and Cyber Security Branch is responsible for implementing the requirements of the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM) within the Agency. This is achieved by providing strategic, Agency-wide oversight of Security across the areas of Security Governance, Information Security, Personnel Security, Physical Security, Cyber Governance, Risk and Assurance and Cyber Security Operations.

The APS6 Cyber Specialist will undertake activities and tasks using available information from multiple sources. They will be required to perform analytical, procedural, clerical, administrative and operational tasks that support and contribute to NDIA’s objectives to “build a world-leading National Disability Insurance Scheme”.

The role operates within a small team of cyber specialists and is accountable for organising their workflow and making independent decisions relating to their area of responsibility.

The position will:

• Provide cyber security advice within an assigned area of specialisation.
• Assess, analyse and document risk and impact to NDIA from a cyber perspective.
• Make recommendations to the business on risk reduction in relation assessed technologies and cyber security in general.
Duties

The successful candidate will provide, as part of a small team, support to the NDIA to ensure that the NDIA cyber-resilient information technology platforms meet the confidentiality, integrity and availability expectations of Australian citizens by

• Providing cyber security governance, risk and assurance advice and formal security assessments for NDIA systems.
• Supporting the development of effective security policies and process.
• Internal and external stakeholder management.
• Maintaining an awareness of current cyber threats.
• Conducting Risk and Impact Assessments of current and potential ICT systems and services at NDIA.
• Investigating and reporting potential security incidents, supporting remediation activities and creating post-incident reports.
• Focussing on vulnerability management and remediation planning for NDIA ICT systems and services.
• Providing Cyber support to Freedom of Information (FOI) and Royal Commission investigations.
• Contribute to the development of Cyber security awareness across the Agency.
• Coordinating the Risk Register.