The Australian Institute of Health and Welfare (AIHW) provides reliable, regular and relevant information and statistics on Australia's health and welfare. We are committed to providing high quality, national data and analysis across the health, housing and community services sectors.
This covers a wide range of areas, from health and welfare expenditure, hospitals, disease and injury, disability and mental health, to ageing, disadvantaged and vulnerable populations, homelessness, and Indigenous health and welfare.
The AIHW's APS employee census results attest to our positive and supportive workplace culture. We are an inclusive, flexible, and productive workplace where people are treated with respect and courtesy, and diverse and unique attributes are recognised and valued. Our results also show that we achieved top ten rankings in staff engagement, communication, and wellbeing scales out of 104 APS agencies.
We offer a range of benefits including:
access to flexible working arrangements to support your work/life balanceattractive remuneration packages including generous superannuationexcellent leave provisions including leave that supports your cultural or religious commitmentschallenging and fulfilling work where you can use your skills and expertiseopportunities for professional development including study assistance.
We are committed to creating genuine opportunities for everyone and we welcome applications from Aboriginal and Torres Strait Islander people(s), people with disability, LGBTIQA+, neurodiverse people and people from diverse cultural and linguistic backgrounds.
The AIHW has offices in Canberra and Sydney and offers remote work opportunities for many roles.
For more information, visit the Benefits of working for the AIHW page of our website.
The key duties of the position include
The Business and Technology Group fosters the enhancement of the AIHW's business through the provision of resources, advice and assistance. The Group consists of six Units; Finance & Commercial Services, People & Facilities, Chief Technology Office, Cyber Security & Assurance, IT Operations & Platforms and IT Business Development & Delivery.
The Cyber Security and Assurance ensures that our ICT services enable the AIHW to securely execute its mission - protecting our data, enabling trust.
We have broad security remit covering all the ACSC cyber security principles (Govern, Identify, Protect, Detect and Respond). We manage IT security risk, ensure required security controls effective and monitor for security alerts and vulnerabilities.
The IT Security Unit is looking for an IT Security Senior Analyst who will work in a small team.
Under general direction you will:lead the development and continual improvement of cyber security Governance, Risk and Compliance practiceswork with project teams and solution architects to ensure security requirements are built into new projects and support the development of practical security documentationlead and/or perform security assessments, security audits and other reviewslead and/or perform threat modelling, risk assessments and other risk management activitieswork across teams to develop, implement and maintain IT security policyprovide leadership and mentoring to junior staff.
Secondary duties are to support the other functions of the team and include:contributing to an on-going cyber security awareness programworking with the broader ICT Group to continuously improve security controls in line with the Essential 8, the Information Security Manual (ISM) and cyber security best practiceperforming general security operations, including alert monitoring, vulnerability management and investigating security incidents.
Our ideal candidate will have most or all of the following attributes:5 years or more demonstrated experience working in a cyber security role, with in-depth knowledge of whole of government security frameworks (ie. ISM, PSPF).proven experience conducting cyber security Governance, Risk and Compliance activities, including the development of security documentation, performing security assessments (including essential 8), threat modelling, risk assessments and other risk management activities.demonstrated experience working with stakeholders to implement and adopt new security policies.able to think critically and apply practical, principles-based approaches to solving unique and complex problems.strong communication skills including the ability to collaborate with a range of internal and external stakeholders.experience with Tenable, M365 and Microsoft Azure is highly desirable.
This role requires a baseline clearance, or an ability to obtain. Relevant qualifications in cyber security such as CISSP, CISM, CISA, CRSIC will be highly regarded.
#J-18808-Ljbffr