Cyber GRC Analyst with NV1

·         Cyber Governance Risk and Compliance Analysts
will work alongside project teams, Engineers, Solution Architects and systems
integrators to analyse and document cyber security risks.

·         They will be responsible for developing and
delivering Security Documentation Packs (E.g. Systems Security Plans,
Continuous Monitoring Plan, Incident Response Plans, and Security Risk
Management Plans) to support the achievement of Authority to Operate (ATO) in
consultation with Defence Cyber and Information Assurance Branch (DCIAB).

·         Ensure alignment with the relevant security
publications and frameworks such as the ISM, Essential 8 and the Defence
Security Principles Framework. 

·         Risk Management including identifying,
assessing, and mitigating cyber security risks through various methods like
threat modelling and vulnerability assessments. 

·         Assessing the security posture of third-party
vendors and ensuring they meet the organisation’s security
requirements.

·         Manage the ATO-C/ATO process. This is
inclusive of DCIAB consultation to ensure compliance with all assurance and
governance requirements identified.

·         Internal and external stakeholder management
in support of achieving ATO-C/ATO.

Desirable skills/qualifications:

·         Information/cyber
security and cloud qualifications are highly desirable and/or 5 years minimum
experience: 

·         CISSP,
CCSP, CRISC, Security +

·         Azure
Solutions Architect Expert , Azure Security Engineer Associate, Identity and Access Administrator
Associate

·         AWS
Certified  Cloud Practitioner, AWS Certified Solutions Architect -
Associate or Professional, AWS Certified Security – Specialty

·         Google Cloud
Professional