Under the broad supervision and guidance of the Chief Information Officer, you will be responsible for personnel, physical and information security controls and compliance within the Australian National Audit Office (ANAO).
Specific responsibilities include: Manage the ANAO's application of the Information Security Manual (ISM) and ACSC Essential Eight Maturity Model using a risk-based approach to protect ANAO ICT systems and information assets; Conduct reviews, investigations and assessments in support of internal requirements and government requirements such as the annual PSPF Compliance report and the ANAO Protective Security Risk Review; Assist in the design and implementation of controls in the physical, personnel and information security space; Investigate security matters and prepare advice to senior management on the security of the agency's Information Communications Technology (ICT) systems; Act as Assistant Agency Security Adviser (ASA) with responsibility for supporting the ASA to provide protective security arrangements, liaison with ASIO, the AFP, other agencies and organisations. This includes managing security clearance requests, ensuring that staff maintain the required security clearance, conducting reviews and assessments; Develop and maintain policy, instructions and guidelines, and coordinate with relevant ANAO staff, contractors and agencies to ensure they comply with relevant legislative, whole of government policies and regulatory frameworks; Develop and maintain plans and procedures for other security issues, business continuity and emergency management. This includes the ANAO Incident Response Plan, various security plans, Business Continuity Plan and emergency management plan; Develop and deliver training, education and awareness programs to ANAO staff on workplace safety, emergency management and security matters and engage with the communications team to improve the awareness of these matters. The work is characterised by: A degree of independent action and initiative within supervisory constraints; Responsibilities that are of a technical, professional, procedural or processing nature; Supported decision making within legislative requirements and consistent with internal policies and operating procedures; A strong team environment with a strong client focus; Close liaison and co-operation with internal clients. Who we are looking for There are no mandatory qualifications for this role. However, the following skills, knowledge and attributes are highly desirable:
Knowledge of the Commonwealth's Protective Security Policy Framework (PSPF), Information Security Manual (ISM) and ACSC Essential Eight Maturity Model; Demonstrated knowledge and experience in the delivery of security services, including emergency management, Business Continuity Planning and Risk Management; Demonstrated capacity to work in a multi-disciplined team with a broad range of responsibilities; Demonstrated skills and experience in investigation, evaluation and assessment; Demonstrated experience in writing and communicating policy, procedures and plans relating to security, emergency management, and business continuity management; Awareness of national and international ICT security standards; Well-developed analytical, conceptual and written and communication skills; Well-developed client focus, with the ability to interact with clients at all levels; the ability to work well within a small team and as an individual and the ability to effectively manage conflicting priorities; Highly motivated and adaptable and willing to work outside normal working hours when required. Given the nature of the work in this position, knowledge of the Protective Security Policy Framework (PSPF) and Information Security Manual (ISM), including the implementation of the ACSC Essential Eight Maturity Model is highly desirable.
Citizenship – To be eligible for employment with the ANAO, applicants must be an Australian citizen.
Security Clearance – The Australian community requires the highest level of integrity from ANAO employees. The preferred applicant will be required to obtain and maintain a security clearance at the Negative Vetting 2 level. For information about the security clearance process, please refer to the AGSVA website.
Assessment process / Reasonable adjustment As part of the assessment process, you may be asked to participate in one or more of the following assessment activities:
Interview (in-person or virtual) If you believe you may require reasonable adjustments to participate in the assessment process, please ensure this is indicated on your application. A member of our recruitment team will contact you to discuss the adjustments prior to the assessment process.
Applicants are required to submit a current CV/resume and a statement of claims (500 words maximum) outlining why you are interested in this position and why you believe that you have the skills, capabilities, knowledge and experience to be considered for this role. Please provide examples which demonstrate your ability to perform the duties of the position. We highly recommend that you refer to the ANAO Core Capability Framework when preparing your statement of claims.
Contact Applications close 11:30pm (EST) Sunday 5 January 2025.
#J-18808-Ljbffr