IBA 7 ($151,625 - $177,655)
Brisbane, Canberra or Sydney
Role:
The Cyber Security Engineer at IBA will report directly to the IT Security Advisor. They will manage existing and implement additional security controls to the IBA environment. To support IBA in maintaining a secure technology environment in line with recommendation from the information security manual and Essential 8.
The primary purpose of this role is to provide in house expertise and security control implementation and maintenance across IBA Azure environment. This role will require a comprehensive knowledge of the Microsoft azure environment and the security suite.
This role will also provide security advice and recommendations to projects being implemented at IBA, so knowledge of the AWS cloud environment and applications used in banking and finance is highly desirable.
IBA has a large managed service provider footprint, including core applications and our security operations centre (SOC). An ability to work collaborative across teams to provide direction and support a successful delivery of outcomes
Duties:
Duties Include, but are not limited to:
- Assess current security posture and implement control recommendation across the Azure security suite.
- Review vulnerability assessment reports and oversea and assess compliance with patching recommendation.
- Undertake a risk assessment, or audit systems and processes to ensure. they meet regulatory and industry standards.
- Implement and maintain the organisations data loss prevention controls, to safeguard the organisation information from unauthorised disclosure or access.
- Implement and maintain controls to manage access to IBA systems, this including role-based access control (RBAC), multifactor authentication to ensure it is aligned to industry best practice.
- Support the response to a cyber security incident or response to threat intelligence from ASD or our SOC.
- Support the organisation data governance and policies to maintain integrity and compliance with industry standards and legislative requirements (e.g. Privacy Act and Aboriginal and Torres Strait Islander ACT).
- Implement security controls to support the organisations data governance process, including security classification and labelling.
- Review internal and external audits and support the organisation implementing security controls.
- Maintain, update and respond to the IT Security service catalogue request and emails to ensure all security services are documented and resolved.
- Other duties as required.
Required Capabilities
Essential:
- 5 years’ experience supporting an enterprise environment and implementing security controls aligned to information security manual (ISM)
- Experience working within a hybrid, multi-cloud environment and working collaboratively with managed service providers to deliver security outcomes.
- Proficiency in security technologies and tools, including firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) solutions. Experience building and maintaining data loss preventions systems and building fit-for-purpose DLP rules.
- Experience with developing and presenting risk assessment and compliance audits to a range of stakeholders and developing remediation plans.
- Experience working in collaboration with multiple managed service providers to deliver security outcomes.
- Experience working alongside business, providing security advice to support the delivery of outcomes.
- Commitment to staying updated with the latest industry trends, threats, and technologies through continuous learning and professional development.
- Strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
- Experience with using and implementing technical data governance controls via MS Purview.
Desirable:
- Relevant industry certifications such as Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP) is desirable.
- Relevant platform certifications such as Azure Security Engineer, Azure Information Security Administrator
Skills and attributes:
- Ability to work independently with minimal guidance, to manage competing priorities, and deliver on organisational outcomes.
- Strong skills in stakeholder management, maintaining key relationships with internal and external partners to ensure alignment on release strategies, goals and deliverables.
- Proven ability to make high-impact decisions in complex and ambiguous environments, applying critical thinking and sound judgement to overcome challenges.
- Strong verbal and written communication skills with the ability to interact, influence and negotiate effectively with both technical and non-technical stakeholders at all organisational levels.
- Strong analytical skills with the ability to collect, interpret and present complex requirements or data in a clear and accessible format to support strategic decision-making.
- Strong analytical skills with the ability to collect, interpret and present complex requirements or data in a clear and accessible format to support strategic decision-making.
Aboriginal and Torres Strait Islander Cultural Capability
- Awareness and understanding of Aboriginal and/or Torres Strait Islander societies and culture.
- Ability to liaise and communicate sensitively and effectively with Aboriginal and Torres Strait Islander staff.About Us – News and Publications – Annual Reports
Further enquiries: sarah.humphries@iba.gov.au
Applications: Online via Jobs - Indigenous Business Australia (iba.gov.au) or mail to: IBA Recruitment, PO Box 650, Fyshwick ACT 2609
- Resume
- One page statement of claims against Essential Criteria and Skills
Closing date: 30 April 2025
Please note: Emailed applicants will not be accepted.
If you have any issues in filling out the form below, please contact ibarecruitment@iba.gov.au
