Cyber & Information Security Officers (APS 5 & 6) - Security and Information Assurance BranchSalary: APS Level 5: $85,204 - $95,705; APS Level 6: $95,714 - $108,092Locations: Adelaide, Brisbane, Canberra, Hobart, Melbourne, Perth, and SydneySeveral ongoing permanent positions, full-time or part-time hours; flexible working arrangementsThe Australian Bureau of Statistics (ABS) is looking to fill the following Cyber & Information Security Officer roles within our Cyber Security and Cyber Operations teams within the Security and Information Assurance Branch:Cyber Security rolesGovernance, Risk and Compliance (GRC) Officer with E8 experienceCyber Security Architect specialising in Cloud technologiesPenetration Tester for applications and/or infrastructure networksCyber Operations rolesCyber Security Systems Engineer specialising in SIEM platform, application performance management, event stream processing in hybrid environmentsDevelopment Security Engineer familiar with DevSecOps architecture, infrastructure, and processesIdentity and Access Management (IAM) Developer with Java experience and familiarity with DevSecOps processes.As a Cyber & Information Security Officer within the Cyber Security team, you may undertake some, or all of the following duties (with varying levels of complexity according to your role and classification level):Assessment of governance, risks, and compliances in new platforms and applicationsProviding security architecture advice and guidance to ABS technical team on security by design principlesProduction and publishing of security standards, guidelines, education, and awareness materialsProviding specialist cyber security services, security architecture, and penetration testing, and responding to security incidentsIdentification and mitigation of systems and applications vulnerabilities.As a Cyber & Information Security Officer within the Cyber Operations team, you may undertake some, or all of the following duties (with varying levels of complexity according to your role and classification level):Administering ABS security platforms and applications and providing secure system integration and configuration utilising DevOps tools and CI/CD pipelinesDeploying, managing, and scaling the infrastructure supporting cyber operations across a hybrid ICT footprint encompassing both on-premise and cloud environments ensuring security best practiceDeveloping technical and support documentation, user education guides, and self-help knowledge articlesMaintaining awareness of the external environment and recommending opportunities to enhance capabilities through the introduction of new products or featuresLiaising with clients and vendors to troubleshoot issues, identify root cause, resolve and document problems, and implement preventative measures.What we are looking for (selection criteria)To be suitable you should have most, or all of the following skills, qualities, and experience:All rolesAbility to cultivate positive working relationships with team members and manage stakeholder expectationsProficiency in professional writing and oral presentation to convey complex information clearly.Cyber Security Team rolesStrong technical capabilities in at least one of the following technology areas:- Cloud security with knowledge of AWS and/or Azure- Penetration testing applications and/or infrastructure networks- Security architecture frameworks, standards, and secure by design patternsComprehensive understanding of security standards and frameworks, including PSPF, ISM, Essential 8, NIST, ISO27001, CIS, and OWASPAware of fundamental cyber security principles and strong analytical skills with the ability to provide security advice and guidance to stakeholdersProven experience in cyber security risk identification and mitigation strategies and/or security architecture with in-depth knowledge in one or more of the following areas: cloud security, infrastructure security, API security, and application security.Cyber Operations Team rolesDemonstrated experience in managing and maintaining infrastructure that incorporates process, technology, and security elements, by working with commercial-off-the-shelf platforms and/or infrastructure as code deploymentsDemonstrated experience in secure CI/CD pipeline deployments and familiarity with DevSecOps architecture, infrastructure, and processesAnalytical and/or technical troubleshooting skills with the ability to establish, participate, and maintain relationships with stakeholders and vendors, including escalating and managing resolution of issuesDemonstrated experience and proficiency in one or many of the following technologies including but not limited to: SailpointIIQ, Splunk, Sentinel, Dtex, InsightVM, Dynatrace, Cribl, Gitlab, Terraform, Java Script, Checkmarx, Aqua, Jfrog Xray or equivalent products.Please read the attached Applicant Information Kit for a guide to our expectations regarding the extent of an applicant's experience and skills for each of the classification levels.How to applyTo apply, you will need to upload your current resume, provide referee details, and a statement of claims demonstrating how you meet the selection criteria.
Word limit is 750 words.Applications close at 11:30 p.m. AEDT on Wednesday 19th March 2025.Start your application by clicking the "Begin" button.#J-18808-Ljbffr