Senior ICT Security, Governance, Risk and Compliance (PROJ-4592)
Job Description
Remote is seeking an experienced ICT Security Governance, Risk and Compliance specialist to support the AGO IT Security team in preparing an OFFICIAL: Sensitive cloud-based Internet gateway for IRAP assessment. Responsibilities include assisting with system boundary definition, identifying and prioritising areas of non-compliance, developing all required IT security documentation, and reviewing system designs to ensure alignment with security requirements. The role will also liaise with the Commonwealth’s independent IRAP assessor and work closely with AGO ICT Security and sustainment teams to ensure smooth delivery and knowledge transfer. (RFx26597)
Role Description
Major Responsibilities:
- Support the system owner and system manager to define the system boundary for IRAP assessment.
- Identify areas of non-compliance and provide input to the prioritisation of these elements for remediation
- Develop IT security documentation required to support an IRAP assessment.
- Review and provide input to system design that underpins IT security documentation.
- Engage with an independent IRAP assessor, provided by the Commonwealth, to ensure effective documentation delivery.
- Engage with existing AGO ICT Security team and technical sustainment personnel to ensure knowledge transfer throughout the process.
Other Features of the Role (e.g. location, travelling, shift hours,)
- Ability to work in a high security environment with sensitivity reticence and discretion.
- There is a requirement to attend approved Canberra based Defence facilities, however there is flexibility to work off-site