Lead the system security authorisation process in accordance with the Information Security Manual (ISM) and Protective Security Policy Framework (PSPF).
Develop and maintain critical security documentation, including Standard Operating Procedures (SOPs).
Conduct comprehensive risk assessments to identify, evaluate and mitigate risks across projects and operational environments.
Work closely with the Authorisation Officers (AO), system owners, project managers and technical teams to facilitate authorisation.
Maintain the security posture of systems post accreditation by conducting regular audits and reviewing changes to the system.
Establish processes to report and manage security incidents that could affect the system's Authority to Operate (ATO) status.
Support compliance against frameworks such as the ACSC ISM, the Essential Eight, ISO/IEC 27001 and the NIST CSF.
Requirements
3+ years' experience in information security, cyber risk, or GRC.
In-depth knowledge of Australian Government security standards (ISM, PSPF).
Ability to explain technical security risks and controls to non-technical stakeholders.
Security certifications (CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor) (desirable).
Bachelor's degree or equivalent in Cyber Security or another relevant field (desirable).