Governance, Risk & Compliance SME

01 Oct 2024
Territories, Ustt 00000 Ustt USA

Vacancy expired!

Job Description

Your New Role

Leidos Australia has an opportunity to support an exciting new key Government contract, supporting Australia and its national interests, both locally and overseas.

This GRC SME position is pivotal in ensuring the ongoing ICT security accreditation for a major program. This permanent opportunity will be responsible for providing services to major projects and programs to ensure compliance with the applicable Information Assurance (IA) frameworks, policies, and standards (with particular focus on the Information Security Manual (ISM) and Defence Security Principles Framework (DSPF)).

Duties include, but are not limited to:

  • Develop, implement and maintain security governance, including security frameworks, policies, and standards, for major ICT programs in accordance with ISM and DSPF;
  • Develop, implement and maintain the Security Risk Management Plans (SRMPs) and SSPs supporting certification and accreditation for major projects being delivered;
  • Develop certification and conformance evaluation criteria to ensure successful system acceptance;
  • Maintain and improve the system security documentation package;
  • Liaise with service delivery areas, client management, Project Management and client security areas to ensure security processes are appropriately designed, effective and implemented;
  • Conduct routine audits to validate the certification and conformance readiness state to achieve System Certification and Accreditation;
  • Lead identification, implementation and review of the full range of I&A measures to ensure certification and accreditation is maintained in a complex environment;
  • Engage with key stakeholders for effective Cyber Governance and security outcomes across all environments; and
  • Act as a risk practitioner for ICT systems and represent the organisation in key cyber risk management forums.

Qualifications

About You and What You'll Bring

  • Experience in performing and/or successfully preparing for IRAP assessments, certification and accreditation across ICT program delivery;
  • Experience of working to achieve system certification and accreditation outcomes.
  • Previous experience working in an IT Security Officer, IT Security Advisor or IT Security Manager type role.
  • Technical background with understanding of commonly deployed security tools, networks and operating systems (EPP, HIPS, Firewalls, SIEM, Wintel/Unix, virtualisation) in a Government context.
  • Substantial experience collaborating with business partners, application development, and technical teams to establish security requirements and ensuring that these objectives were satisfied.
  • Collaborating with client and internal teams to develop security documentation (SSP, SRMP, etc)
  • Experience or demonstrated knowledge in applying policy and compliance assessment at a technical level across networks, Windows and Unix/Linux environments in the Government context.
  • Familiar with security frameworks and standards (PSPF, ISM, ISO27k, NIST).
  • Knowledge of commonly used risk management methodologies (ISO 31k, NIST)
  • Ability to develop and maintain clearly written documentation (technical, procedural and policy)
  • Persuasive communication skills when dealing with stakeholders in wide ranging roles and areas of the business

Highly Desirable

  • Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience and specialised training commensurate with assignment;
  • Applicable security certifications, such as CISSP, CISA, CISM;
  • Current IRAP or desire and ability to become an IRAP Assessor.

Additional Information

Successful candidates will be required to be Australian Citizens and be able to obtain and maintain an Australian Government Security Clearance. NV-2 Clearance preferred, but an NV-1 cleared candidate with strong experience and team fit will be considered.

At Leidos, we’ve built our business on the ability to Redefine Possible and the same applies to your career. We proudly embrace diversity and support our people at every stage of their Leidos journey in terms of inclusion, accessibility and flexibility. We look forward to welcoming you.

Job Details

  • ID
    JC4934043
  • State
  • City
  • Job type
    Full-time
  • Salary
    N/A
  • Hiring Company
    Leidos
  • Date
    2020-10-01
  • Deadline
    2020-11-29
  • Category
