Classification: ANU Officer 8 (Information Technology) Salary package: $112,693 - $120,506 per annum plus 17% superannuation Term: Full time, Continuing Location: Acton, Canberra (opportunity for flexible working arrangements) About the Role As a Senior Cyber Security Engineer, you will be accountable, under the broad direction of the Manager of Cyber Engineering or the Chief Information Security Officer, for undertaking and achieving complex cyber and information security tasks within a multidisciplinary team to support the Information Security Office's mission. This position demands a strategic thinker with a strong understanding of cybersecurity, effective mentoring skills, and a commitment to maintaining security and compliance. Key Duties:
Develop and implement comprehensive security controls to protect sensitive information and technologies.
Develop and implement comprehensive Privileged Access Management (PAM) controls to secure sensitive accounts, systems, and data. Design and enforce policies to limit and monitor access to critical infrastructure and data.
Collaborate with internal and external stakeholders to assess risks associated with privileged accounts and credentials. Implement effective mitigation strategies to reduce the attack surface created by high-privilege users.
Liaise with IT, Security, and Compliance teams to ensure the enforcement of PAM policies across the organization. Stay informed of industry best practices, evolving regulations, and security standards related to privileged access management.
Oversee the day-to-day operations of PAM systems, including password vaults, session monitoring, and privileged identity management platforms. Ensure these systems are effectively controlling and auditing access to sensitive systems and resources.
Respond to and investigate PAM-related security incidents, such as unauthorized privileged access attempts, misconfigurations, or credential misuse. Perform root cause analysis and coordinate with relevant teams to implement corrective and preventive measures.
Administer and maintain PAM tools and platforms, ensuring they are up-to-date, properly configured, and functioning as intended. Manage privileged user lifecycle processes, including provisioning, de-provisioning, and access reviews.
Conduct periodic audits and reviews of privileged access accounts, user permissions, and session logs to ensure compliance with security policies and standards. Recommend improvements to enhance PAM processes and mitigate risks.
Provide expertise and guidance on best practices for implementing least privilege and just-in-time access principles, ensuring that privileged access is granted only when necessary and for the minimum amount of time.
Continuously monitor network and system activity to detect and respond to potential threats in real-time.
Ensure security configurations are applied consistently across all systems and networks, and update configurations as needed to address emerging threats.
Administer and maintain security tools and platforms, ensuring they are up-to-date and functioning correctly.
About You Our ideal candidate should be able to demonstrate:
Expertise in implementing and managing cybersecurity requirements under the security policies and standards guidelines.
Strong technical knowledge and the ability to work effectively within a cybersecurity team.
Excellent time management and organisational skills, with the ability to remain resilient and adaptable to evolving cybersecurity threats and priorities.
A proactive mindset with the ability to approach complex cybersecurity challenges positively, using sound judgment while assessing risks and impacts on strategic objectives.
Strong communication skills, including the ability to convey complex technical concepts clearly and effectively, with keen attention to detail.
The ability to interpret and adhere to legislative, policy, and regulatory requirements related to cybersecurity.
Extensive experience in cyber engineering and security program projects.
Excellent understanding of risk management principles, experience in assessing and mitigating security risks across various IT environments with risk assessment frameworks knowledge.
This is a security-vetted position. Candidates must be Australian Citizens and already have, or be eligible to obtain and maintain an NV1 (or above) security clearance. How to Apply To apply for this role please ensure that your submission includes the following documents:
A statement addressing the selection criteria showing how your skills, experience and approach align with the role in no more than 650 words.
A current curriculum vitae (CV).
The names and contact details of 2 referees.
Applications which do not address the selection criteria may not be considered for the position.
Reasonable adjustments to support applicants through this recruitment process can be made available upon request. Requests for adjustments will be treated with the strictest of confidentiality.
Please note: The successful candidate must be an Australian citizen able to obtain and maintain an NV1 (or above) security clearance, have rights to live and work in Australia and will be required to undergo a background check during the recruitment process, in accordance with the Background Checking Procedure. An offer of employment is conditional on satisfactory results.
#J-18808-Ljbffr