Cyber Security – Level 5 - Level 6 - Australia Jobs Opening

October 11, 2024

Australian Secret Intelligent Service

Canberra

PART TIME

Cyber Security – Level 5 - Level 6

Cyber Security – Level 5-6
Salary: $101,169 - $129,063 plus superannuation

ABOUT US
ASIS is Australia’s overseas secret intelligence collection agency. Its mission is to protect and promote
Australia’s vital interests through the provision of intelligence services as directed by the Government.
Its work can involve collecting intelligence relating to national security, international relations and
economic issues. It also contributes to Australia’s coordinated national efforts against terrorism,
proliferation of weapons of mass destruction, and trans-national issues such as people smuggling.

ASIS is a diverse and inclusive workplace, where our people are empowered through authenticity and
a sense of belonging to achieve their potential and contribute to a shared purpose and mission. We
seek to reflect the community we serve, and welcome applications from Aboriginal and Torres Strait
Islander peoples, women, people with a disability, neurodiverse, people from culturally and
linguistically diverse backgrounds and those who identify as LGBTIQA+.
WHAT WE OFFER

A competitive salary

A career with a difference making a direct contribution to Australia’s national security

A unique working environment where the work is stimulating and our people matter

Ongoing training and personal development opportunities

Ongoing employment with opportunity for part-time or flexible work hours

Generous leave provisions

This position is based in Canberra. The role will feature domestic and international travel.

Role
Operating within Security Branch, Cyber Security Directorate monitors, enables, and advises on the
cyber security of the myriad technologies that underpin ASIS’s business and operations. Cyber Security
is multi-disciplinary team that consists of three key work streams – Operations, Engineering, and
Assurance – that provide the following services:

Operations

Develop, monitor, and triage security logs and alerts;

Coordinate delivery of the Service’s cyber security incident response activities; and

Undertake threat hunts to proactively identify anomalous network activity.

Engineering

Collaborate with key stakeholders to identify and address cyber security capability

gaps;

Plan and manage the development of current and future cyber security capabilities;

Maintain cyber security capabilities as exemplars of effective and secure system

design, in a high-security environment.

Assurance

Assess and report on the cyber security risk posture of ASIS’s systems;

Provide security architecture advice to ASIS’s projects and system managers; and

Develop and deliver cyber security awareness campaigns to ASIS staff.

Please ensure you identify the specific role(s) you would like to be considered for when submitting
your application.

Roles
Analyst – Cyber Security Operations
You will be a member of the Operations team, responsible for the cyber security monitoring of ASIS’s
systems, and coordination of the Service’s cyber incident response activities. You will support the
delivery and day-to-day use of cyber security use cases, to enable the detection of key threats to the
Service. In the event of an incident, you will support the delivery of Service’s cyber security incident
response activities. You will also support cyber security threat hunt activities to proactively identify
potential threats to ASIS’s systems.
To be successful in this role, you will have:

Familiarity with risk management.

A working understanding of the Protective Security Policy Framework (PSPF), Information

Security Manual (ISM), and Essential Eight (E8).

Experience within at least one technology domain (e.g. infrastructure, virtualisation,

databases, software development, data analytics, machine learning, etc.).

A desire to refine and expand your technical knowledge and skills in a cyber security context,

including, but not limited to: SIEM and Data Analytics platforms, query/coding languages
such as SQL, SPL, Java, Python and/or Power Shell, and digital forensics.
Engineer - Cyber Security Engineer
You will be a member of the Engineering team. You will support the development and maintence of
technical capabilities that directly support the broader team’s services. You will contribute to the
execution of ASIS’s Cyber Security Capability Roadmap by: researching, developing and integrating
new technical capabilities to ensure coverage and collection of valuable audit events, optimising the
sustainment of capabilities by automating routine tasks and processes, and supporting the secure
management of the team’s capabilities.
To be successful in this role you will have:

Familiarity with risk management.

A working understanding of the Protective Security Policy Framework (PSPF), Information

Security Manual (ISM), and Essential Eight (E8).

Experience within at least one technology domain (e.g. infrastructure, virtualisation,

databases, software development, data analytics, machine learning, etc.).

A desire to refine and expand your technical knowledge and skills in a cyber security context,

including, but not limited to: infrastructure and networking, data processing, SIEM
platforms, vulnerability management, cloud security (e.g. Azure and AWS), project
management, and business requirements modelling.
Assessor – Cyber Security Assurance
You will be a member of the Assurance team, responsible for cyber security assessment, architecture
advice, and education within ASIS. You will support the delivery of security assessments against
ASIS’s systems, covering network penetration testing, vulnerability managment, and configuration
analysis to report on and remediate identified vulnerabilities. To enable the implementation of
secure systems, you will develop threat models and scenarios to validate security-enforcing controls,
and recommend mitigations and countermeasures to address identified risks.
To be successful in this role, you will have:

Familiarity with risk management.

A working understanding of the Protective Security Policy Framework (PSPF), Information

Security Manual (ISM), and Essential Eight (E8).

Experience within at least one technology domain (e.g. infrastructure, virtualisation,

databases, software development, data analytics, machine learning, etc.).

A desire to refine and expand your technical knowledge and skills in a cyber security context,

including, but not limited to: vulnerability management tools, penetration testing tools and
techniques, Governance, Risk and Compliance (GRC) tools and processes, etc.
Education, Qualification and Experience
For all roles, the following education, qualifications and/or experience will be highly regarded,
though not essential:

Relevant tertiary qualifications or experience in Cyber Security, IT, Systems Engineering or a

related field;

Experience with open source / COTS / GOTS cyber security tools;

Demonstrated experience working in Cyber Security or ICT-related areas

Selection Criteria
Candidates are not required to provide a separate written response to the ILS capabilities (below),
however, candidates are encouraged to consider the capabilities in preparing their application, as each
candidate will be assessed on their ability to demonstrate behaviours aligned to the capabilities for
the position.

For more information on the ILS, tips on applying for jobs in the Public Service, go to the APSC website
found at www.apsc.gov.au.
Shapes Strategic Thinking

Inspires a sense of purpose and direction;
Focuses strategically;
Harnesses information and opportunities; and
Shows judgment, intelligence and common sense.

Achieves Results

Builds organisational capability and responsiveness;
Marshals professional expertise;
Steers and implements change and deals with uncertainty; and
Ensures closure and delivers on intended results.

Cultivates Productive Working Relationships

Nurtures internal and external relationships;
Facilitates co-operation and partnerships;
Values individual differences and diversity; and
Guides, mentors and develops people.

Exemplifies personal drive and integrity

Demonstrates public service professionalism and probity;
Engages with risk and shows personal courage;
Commits to action;
Displays resilience; and
Demonstrates self-awareness and a commitment to personal development.

Communicates with Influence

Communicates clearly;
Listens, understands and adapts to audience; and
Negotiates persuasively.

Job Specific Requirements
Demonstrated experience and education relevant to the role.

HOW TO APPLY
Applicants will need to apply ONLINE via our website.
Applicants will be asked to submit a maximum 800 word pitch outlining their skills and experience
for the role on offer along with a comprehensive resume detailing their work history.

Applicants are encouraged to consider the capabilities when preparing their application, as this will
form the basis of selection assessment. For more information and tips on applying for jobs in the
Public Service, search ‘Joining the APS’ at www.apsc.gov.au.
You may receive a SMS requesting you to complete online testing. Please ensure you complete this
as your application will not be progressed otherwise.

APPLICATIONS CLOSE: Monday 28 October 2024

ELIGIBILITY
Candidates must be Australian citizens.
The successful candidate will be required to obtain and maintain the highest-level security clearance.
REASONABLE ADJUSTMENTS
All requests for reasonable adjustments will be considered and managed in consultation with you.
We will continue to ask you if you require reasonable adjustments at each stage of the process. If
you are successful in gaining employment, reasonable adjustments can also be made available to you
in performing your role.
WHAT HAPPENS NEXT?
You may receive a SMS requesting you to complete online testing. Please ensure you complete this
as your application will not be progressed otherwise.
Please do not tell anyone about your application with our organisation at this stage of the process as
doing so may harm your suitability for employment with us.
A merit list will be established for candidates who are suitable and will remain valid for a period of
18 months.
We thank you for the time and effort you have put into your application; however, we are
unfortunately unable to provide feedback to unsuccessful candidates.

We regret to inform you that this job opportunity is no longer available