Information Security Specialist

Suburban Rail Loop (SRL) is an integrated transport infrastructure and precincts planning project that will deliver a 90km rail line linking every major train service from the Frankston Line to the Werribee Line via Melbourne Airport, as well as investment in the suburbs, better connecting Victorians to jobs, retail, education, health services and each other. Suburban Rail Loop Authority (SRLA) is the statutory body established to plan all elements of the project, procure builders, develop structure planning for SRL Precincts and oversee construction and the other changes that will help transform Melbourne and Victoria. SRL is more than a rail project. It's a once-in-a-generation opportunity to plan for and prepare our city and state to meet the needs of future Victorians, and we can't do it alone. We are on the lookout for people with drive, expertise, fresh ideas and new perspectives to deliver Victoria's biggest ever infrastructure project. You will be part of history in the making, and while we're at it, we will be shaping your future too. About the opportunity Reporting to the Cyber Security Manager and working alongside a Cyber Security Analyst, you will play a pivotal role in : Developing and maintaining security documentation, such as policies, procedures and guidelines, to ensure the effective management of security risks in the Suburban Rail Loop Authority in line with the Victorian Protection Data Security Framework (VPDSF) Managing and maintaining a comprehensive cyber roadmap, managing compliance efforts with relevant regulations, standards and frameworks, and providing expert advice and support with projects centred around Victorian Protective Data Security Standards (VPDSS), Australian Cyber Security Centre Essential Eight improvements and National Institute of Standards and Technology (NIST) initiatives Leading the VPDSS maturity and implementation review and gap analysis as part of the reporting obligations for Office of the Victorian Information Commissioner (OVIC), working closely with relevant subject matter experts, and making recommendations as part of the review to the program, leveraging expertise and experience in the subject matter area Assisting with cyber security initiatives and improvement programs, applying well-developed specialist skills in managing the delivery of security services into the organisation, exercising professional independent judgement to ensure business requirements are identified and met through external sourcing arrangements Leading research and analysis activities in cyber security, identifying innovative responses to minimise emerging threats and cyber-attacks, applying creative and advanced problem-solving skills to develop innovative responses that meet the changing needs of the organisation, and solving complex security problems where defined policy, procedures and precedents do not always exist Collaborating with stakeholders, managing relationships with senior leaders, project stakeholders and business users to ensure alignment and collaboration on requirements and strategic initiatives, influencing stakeholders on security best practices and escalating security risks and issues Staying up to date on security trends and emerging threats to ensure the security of the Suburban Rail Loop is maintained, researching new security technologies and techniques, attending training sessions, and participating in security forums and conferences This is an ongoing, full-time role. You will work in a hybrid work model with access to a range of flexible working arrangements. About you Well-developed influencing skills to encourage various stakeholders to share knowledge and support innovative thinking in the management of cyber security Excellent communication and stakeholder management skills, with the ability to build relationships with a diverse group and negotiate and gain co-operation to achieve outcomes Strong conceptual, analytical and product management skills, with the ability to interpret customer business needs and innovatively translate them into application and operational requirements Knowledge of contemporary cyber security practices, standards, frameworks and the threat landscape in a large complex organisation Well-developed specialist skills to ensure the correct implementation and delivery of services to meet the organisation’s information technology security guidelines and principles Experience in developing and implementing complex and innovative system solutions and managing process analysis and process modelling, technical requirements analysis and data mapping activities in an Agile software environment Strong hands‑on technical skills in network security, application security, cloud security, encryption technologies and security tools and technologies Knowledge of industry standards for cyber security governance and management, such as the Australian Cyber Security Centre Essential Eight, MITRE Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) Framework, NIST Cybersecurity Framework, ISO 27000, Control Objectives for Information Technologies (COBIT) 5 and other good practices A recognised tertiary qualification in Information Technology, Cyber Security or a cognate discipline Why join us Generous leave entitlements An emphasis on work‑life balance High‑performing team environment Equal opportunity employer Personal and professional development opportunities Committed to safety and wellbeing Training and development opportunities Our People Strategy and Gender Equality Action Plan are designed to enhance diversity in our workplace through targeted attraction strategies. If you have any questions related to recruitment, please feel free to reach out to the recruitment adviser or hiring manager mentioned in the position description. For individuals with disabilities requiring adjustments during the recruitment process, our Inclusion team is here to provide support. The inclusion mailbox () is specifically for those seeking further information about targeted recruitment strategies and for individuals with disabilities requiring adjustments. Please contact us, and we will ensure your needs are met during the application and recruitment process. SRLA is committed to providing a working environment which is safe and without risk to the health of its employees and partners consistent with its obligations under the Occupational Health and Safety Act 2004 (OH&S Act). To support this, SRLA recommends that all employees be fully vaccinated. How to apply Please click Apply Now to submit your application online. Please include a resume and a one-page cover letter. We want to know why you want to work for the Suburban Rail Loop Authority, why you are interested in the role, and taking into account the key selection criteria as a whole, how your skills, knowledge, experience and qualifications are applicable to the role. Please note that appointment of successful applicants will be made subject to a satisfactory pre-employment screening check. Applications close Australian Eastern Standard Time 11 : 59pm Monday 26 August 2024 #J-18808-Ljbffr