Cyber GRC – Conduct security risk analysis 12 + 12 month contracts – NV1 security clearance required Docklands and Geelong offices – Flexible hybrid WFH arrangements Our client, a large Federal Government department based in ACT, NSW or VIC, requires two experienced Cyber Risk Analysts for long 12 + 12 month contracts.Duties Conducting security risk analysis internal systems and assessing the cyber threat, inherent vulnerabilities and the likelihood and consequences of adverse threat activity.Implementing better-practice methodologies and risk management practices aligned with MITRE Att&ck Framework, NIST, ISO 31000/ISO 27001 and the PSPF.Developing the production of system-specific security documentation artefacts, including Statement of Applicability, System Security Plan, Security Risk Management Plan, Cyber Security Incident Response Plan, Continuous Monitoring Plan and Security Assessment Plan.Developing Authority to Operate artefacts and managing security risks and controls uplift activities arising from cyber security risk analysis.Developing security risk advice to allow the NDIA to prevent detect and respond to cyber threat activity.Selection Criteria Minimum of 5 years' experience in Cyber Governance, Risk and Compliance, or a related field of cyber security.Demonstrated experience in the production of system-specific security documentation artefacts aligned to the ISM of documentation.Demonstrated experience conducting security risk analysis of ICT systems and assessing the cyber threat, inherent vulnerabilities and the likelihood and consequences of adverse cyber threat activity.CISM, CISSP or other cyber security qualifications (desirable).To apply for these long Cyber Risk Analyst contracts, please click the Quick Apply button to forward your CV to Andy at the Recruitment Hive.Please note this RFQ closes on the 15th of November 2024 and our internal Job ID is AE 10152.