Project Overview
Opes is undertaking sustainment services for a Tier 1 military integrator, located in South Australia. The highly cleared (AGSVA NV2) team manages a bespoke on-premises private cloud system supporting software development activities.
Role Description
We are seeking a highly skilled ITSO to join our team in supporting an air-gapped military integrator network used for software development. The ideal candidate will have a strong understanding of the Australian Cyber Security Centre's (ACSC) Information Security Manual (ISM), and Defence Certification and Accreditation processes. This role is crucial in ensuring the confidentiality, and availability of the secure network.
Responsibilities
- Implement and oversee security measures for the air-gapped network to ensure protection against potential threats.
- Maintain up-to-date and detailed security documentation in accordance with ACSC ISM guidelines and Defence requirements.
- Conduct regular security assessments, audits, and reviews to ensure ongoing compliance and identify areas for improvement.
- Coordinate with various teams to ensure security measures are integrated into the software development lifecycle.
- Develop and deliver security training and awareness programs for staff.
- Respond to security incidents, conduct investigations, and implement corrective actions as necessary.
- Provide expert advice on security architecture, policies, and procedures to support the organisation’s strategic goals.
Essential Skills
- Security Expertise: Extensive knowledge of the ACSC's ISM and its application within Defence and Defence Industry contexts.
- Certification and Accreditation: Proven experience with Defence Certification and Accreditation processes.
- Security Documentation: Ability to maintain and manage comprehensive system security documentation, including Security Risk Management Plan, System Security Plan, and Incident Response Plan.
- Technical Proficiency: Proficient in security technologies and methodologies related to air-gapped networks and software development environments.
- Risk Management: Demonstrated ability to identify, assess, and mitigate security risks within complex IT infrastructures.
- Compliance: Ensure all systems comply with relevant security standards and regulations set by ACSC and Defence.
- Problem Solving: Strong analytical and problem-solving skills to address security challenges effectively.
- Communication Skills: Excellent verbal and written communication skills to liaise with various stakeholders and prepare detailed reports.
- Continuous Improvement: Commitment to staying updated with the latest security trends, threats, and technologies to continually improve security measures.
Desirable Qualifications
- Experience in Defence Sector: Prior experience working within Defence Industry, or with Defence networks.
- Management: Experience managing security projects and leading security initiatives.
- Advanced Technical Skills: Familiarity with advanced security tools and technologies, such as intrusion detection systems (IDS), security information and event management (SIEM) systems, and encryption techniques.
Qualifications
- Certifications: Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA).
Work Environment
- Onsite – Adelaide Technology Park SA
#J-18808-Ljbffr