Cyber Security – Executive Level 1
Salary: $139,823 - $163,364 plus superannuation
ABOUT US
ASIS is Australia’s overseas secret intelligence collection agency. Its mission is to protect and promote
Australia’s vital interests through the provision of intelligence services as directed by the Government. Its
work can involve collecting intelligence relating to national security, international relations and economic
issues. It also contributes to Australia’s coordinated national efforts against terrorism, proliferation of
weapons of mass destruction, and trans-national issues such as people smuggling.
ASIS is a diverse and inclusive workplace, where our people are empowered through authenticity and a
sense of belonging to achieve their potential and contribute to a shared purpose and mission. We seek to
reflect the community we serve, and welcome applications from Aboriginal and Torres Strait Islander
peoples, women, people with a disability, neurodiverse, people from culturally and linguistically diverse
backgrounds and those who identify as LGBTIQA+.
WHAT WE OFFER
- A career with a difference making a direct contribution to Australia’s national security
- A unique working environment where the work is stimulating and our people matter
- Ongoing training and personal development opportunities
- Ongoing employment with opportunity for part-time or flexible work hours
- Generous leave provisions
- This position is based in Canberra. The role will feature domestic and international travel.
Roles
Operating within Security Branch, Cyber Security Directorate monitors, enables, and advises on the cyber
security of the myriad technologies that underpin ASIS’s business and operations. Cyber Security is multi-
disciplinary team that consists of three key work streams – Operations, Engineering, and Assurance – that
provide the following services:
1. Operations
a. Develop, monitor, and triage security logs and alerts;
b. Coordinate delivery of the Service’s cyber security incident response activities; and
c. Undertake threat hunts to proactively identify anomalous network activity.
2. Engineering
a. Collaborate with key stakeholders to identify and address cyber security capability gaps;
b. Plan and manage the development of current and future cyber security capabilities;
c. Maintain cyber security capabilities as exemplars of effective and secure system design, in a
high-security environment.
3. Assurance
a. Assess and report on the cyber security risk posture of ASIS’s systems;
b. Provide security architecture advice to ASIS’s projects and system managers; and
c. Develop and deliver cyber security awareness campaigns to ASIS staff.
Please ensure you identify the specific role(s) you would like to be considered for when submitting your
application.
Roles
Manager – Cyber Security Operations
You will develop, manage and lead the Operations team, responsible for the cyber security monitoring of
ASIS’s systems, and coordination of the Service’s cyber incident response activities. You will manage the
delivery of ASIS’s cyber security incident response framework, encompassing activities from effective
security monitoring (including user activity monitoring), through to remediation and recovery following a
cyber security incident. You will guide the development of accurate and informative security reporting for
customers, and continuously engage with industry and partners to identify improved ways of working.
To be successful in this role, you will have:
Familiarity with risk management, incident response, and investigative best-practices.
Demonstrated understanding of the Protective Security Policy Framework (PSPF), Information
Security Manual (ISM), and/or Essential Eight (E8) requirements.
Demonstrated understanding of at least one technology domain (e.g. infrastructure, virtualisation,
databases, software development, data analytics, machine learning, etc.).
A proven ability to communicate complex issues to technical and non-technical audiences.
Technical Lead - Cyber Security Operations
You will perform a technical lead role within the Operations team. You will lead the delivery of robust,
scalable, and fit-for-purpose cyber security use cases that support the detection of key threats to the
Service. In the event of an incident, you will lead the delivery of Service’s cyber security incident response
activities. You will also identify and lead cyber security threat hunt activities to proactively identify potential
threats to ASIS’s systems.
To be successful in this role, you will have:
Experience managing investigations, performing security analytics, and developing reporting for
various (e.g. technical, non-technical, senior, and junior) stakeholder groups.
Demonstrated understanding of at least three technology domains (e.g. infrastructure,
virtualisation, databases, software development, data analytics, machine learning, etc.).
Familiarisation with cyber security capabilities including SIEM and Data Analytics platforms,
query/coding languages such as SQL, SPL, Java, Python and/or Power Shell, and digital forensics.
Technical Lead - Cyber Security Engineer
You will perform a technical lead role within the Engineering team. You will lead the development and
maintence of technical capabilities that directly support the broader team’s services. You will contribute to
the execution of ASIS’s Cyber Security Capability Roadmap by: researching, developing and integrating new
technical capabilities to ensure coverage and collection of valuable audit events, optimising the sustainment
of capabilities by automating routine tasks and processes, and ensuring the team’s capabilities are
exemplary high-security systems. You will build valuable working relationships across teams, vendors and
partner agencies to ensure technical capabilities are implemented on-time and to-specification.
To be successful in this role you will have:
Hands-on experience in delivering technical capabilities.
Familiarisation with ICT Infrastructure and networking, data processing, SIEM platforms,
vulnerability management, and cloud security (e.g. Azure and AWS).
Proven ability to translate user requirements into technical features/functions.
Manager – Cyber Security Assurance
You will develop, manage and lead the Assurance team, responsible for cyber security assessment,
architecture advice, and education within ASIS. You will manage the delivery of ASIS’s security assessment
and authorisation program, covering network penetration testing, vulnerability managment, and
configuration analysis to report on and remediate identified vulnerabilities. To enable the implementation
of secure systems, you will guide your team in the development of threat models and scenarios to validate
security-enforcing controls, and recommend mitigations and countermeasures to address identified risks.
To be successful in this role, you will have:
Familiarity with both risk management, and assessment/audit best-practices.
Demonstrated understanding of the Protective Security Policy Framework (PSPF), Information
Security Manual (ISM), and/or Essential Eight (E8) requirements.
Demonstrated understanding of at least one technology domain (e.g. infrastructure, virtualisation,
databases, software development, data analytics, machine learning, etc.).
Proven ability to communicate complex issues to technical and non-technical audiences.
Education, Qualification and Experience
For all roles, the following education, qualifications and/or experience will be highly regarded, though not
essential:
Experience in the management and/or development of a specialist team.
Excellent coordination, administration, verbal and written communication skills.
5+ years of experience in a relevant field of expertise.
Industry certifications including, but not limited to: Cert IV in Government Investigations, IRAP,
CISA, CRISC, CCSP, CISM, CISSP, SABSA, OCSP, Microsoft, Linux, Cisco, Splunk.
Selection Criteria
Candidates are not required to provide a separate written response to the ILS capabilities (below),
however, candidates are encouraged to consider the capabilities in preparing their application, as
each candidate will be assessed on their ability to demonstrate behaviours aligned to the
capabilities for the position.
For more information on the ILS, tips on applying for jobs in the Public Service, go to the APSC
website found at www.apsc.gov.au.
Shapes Strategic Thinking
Inspires a sense of shared purpose and direction;
Focuses strategically;
Harnesses information and opportunities; and
Shows judgment, intelligence and common sense.
Achieves Results
Builds organisational capability and responsiveness;
Marshals professional expertise;
Steers and implements change and deals with uncertainty; and
Ensures closure and delivers on intended results
Cultivates Productive Working Relationships
Nurtures internal and external relationships;
Facilitates cooperation and partnerships;
Values individual differences and diversity; and
Guides, mentors and develops people.
Exemplifies Personal Drive and Integrity
Demonstrates public service professionalism and probity;
Engages with risk and shows personal courage;
Commits to action;
Displays resilience; and
Demonstrates self-awareness and a commitment to personal development.
Communicates with Influence
Communicates clearly;
Listens, understands and adapts to audience; and
Negotiates persuasively.
Job Specific Requirements
Demonstrated experience and education relevant to the role.
HOW TO APPLY
Applicants will need to apply ONLINE via our website.
Applicants will be asked to submit a maximum 800 word pitch outlining their skills and experience for the
role on offer along with a comprehensive resume detailing their work history.
Applicants are encouraged to consider the capabilities when preparing their application, as this
will form the basis of selection assessment. For more information and tips on applying for jobs in
the Public Service, search ‘Joining the APS’ at www.apsc.gov.au.
You may receive a SMS requesting you to complete online testing. Please ensure you complete
this as your application will not be progressed otherwise.
APPLICATIONS CLOSE: Monday 28 October 2024
ELIGIBILITY
Candidates must be Australian citizens.
The successful candidate will be required to obtain and maintain the highest-level security clearance.
REASONABLE ADJUSTMENTS
All requests for reasonable adjustments will be considered and managed in consultation with you. We will
continue to ask you if you require reasonable adjustments at each stage of the process. If you are successful
in gaining employment, reasonable adjustments can also be made available to you in performing your role.
WHAT HAPPENS NEXT?
You may receive a SMS requesting you to complete online testing. Please ensure you complete this as your
application will not be progressed otherwise.
Please do not tell anyone about your application with our organisation at this stage of the process as doing
so may harm your suitability for employment with us.
A merit list will be established for candidates who are suitable and will remain valid for a period of 18
months.
We thank you for the time and effort you have put into your application; however, we are unfortunately
unable to provide feedback to unsuccessful candidates.