Security Analyst - Information Security L4

Security Analyst - Information Security L4

Job Title: Security Analyst - Information Security L4
Contract Type: Contract
Location: Canberra
Salary: Competitive
Start Date: 2019-08-19
Reference: V-36543
Contact Name: Aaron Breban
Contact Email:
Job Published: August 20, 2019 11:00

Job Description

The Role:

The Security Analyst is an appointment within the Technical team. This position will report to the Technical Lead and be responsible for providing advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Develops documentation to support accreditation of the EICT environment provisioned for the CSimC solution. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation of the Core Simulation Capability.

The Security Analyst is responsible to ensure the appropriate security controls are in place for the delivery of any prototypes for engineering, ingress of DevOps code and uptake of Commercial off the Shelf (CotS) software meet Defence standards. The security analyst will have an overarching responsibility to ensure accreditation of the solution is achieved and adheres to the project schedule.

This will include:

  • · Manage discovery requests from the CSimC Contractor and Defence responses
  • · Manage access to existing documentation including policy and procedures
  • · Delivery of Defence dependencies
  • · Working directly with the Simulation Transition and Transformation teams to enable the delivery of the transformed solution
  • · Manage the security accreditation process through to certificate issuance
  • · Manage submission and acceptance of products onto the Defence Approved Software List (DASL)
  • · Liaise with the project ITAR Manager to manage the impacts of ITAR controls
  • · Manage project security risks and compliance with respect to code development, software acquisition and any cross-domain communications
  • · Ensure the CSimC Contractor is operationally ready to take on support and management of the existing Simulation environment in accordance with the schedule
  • · Support the Technical lead in the engagement of key internal stakeholders including ADSTC, CIOG divisions, and the Services
  • · Stakeholder engagement and management, including other projects and service teams that seek to leverage the Simulation Environment.
  • · Manage risk and issues pertinent to the position
  • The Security Analyst provides guidance to the following positions:
  • ·Technical resources including the CSimC Contractor and other Defence stakeholders responsible for service delivery.
  • ·  Simulation Transition / Transformation resources responsible for the delivery of Core Simulation and Training Capability
  • · Staff or stakeholders assigned through RACI for supporting tasks
Key responsibilities

  • · Close liaison with ADSTC as a key stakeholder throughout Transition and Transformation
  • · Managing CIOG delivery teams responsible for capability enablement
  • · Representing the technical solution at external stakeholder forums as required;
  • · Management and implementation of Defence security policy and principles
  • · Development documentation and Managing security compliance and accreditation through the lifecycle of the program
  • · Manage third-party penetration testing
  • · Security stakeholder engagement and management;
  • · Security risk management
  • · Managing CSimC contractor security compliance and adherence with respect to technical deliverables
  • · Manage the delivery of supporting CIOG managed services
  • · Other tasks as directed by the Project Director, Technical Lead; and
  • · Supporting the PDO with project re
  • · Assisting the Project Director and Commercial Lead in technical related activities related to Transformation
For additional information please contact Aaron Breban on 0439 394 902