IT Security Analyst

MAXIMUS (Eight Mile Plains QLD, Australia) 4 days ago

Introduction

This role will see you develop, implement, maintain and report on information security and IT compliance. It plays a pivotal role to ensure robust application and compliance of security technologies and strategy.

The opportunity

  • Ensure compliance with the Australian Government Information Security Manual and Protective Security Policy framework
  • Maintain and improve ISO 27001 compliance in regards to our contract
  • Investigate, document and report on information security issues and trends
  • Log analysis, threat research and hunting and cyber analysis
  • Lead, coordinate and execute proactive advice and guidance

About you

  • Proven ability to uplift cyber capability
  • Security incident, event management and ability to manage stakeholder expectations
  • Previous experience with regulatory, compliance and IT security management framework
  • Can develop security related documents and procedures
  • Experience working within a complex entity across ICT risk and security management
  • Superior analytical and communication skills

Please see full description following


MAX Solutions is committed to improving the lives of others. Providing employment, health, training and humanitarian services in more than 250 locations around Australia, MAX Solutions invests strongly in the development of our people. We foster strong relationships between staff, clients and the community and are driven to make a difference.

Reporting to the IT Operations Manager, the IT Security Analyst will be responsible for developing, implementing, maintaining and reporting on MAX Solutions information security and IT compliance functions designed to protect MAX Solutions assets. The IT Security Analyst will play a pivotal role in collaborating with the IT Department, across all Business units and with external security partners to ensure robust application and compliance of security technologies, strategies, policies, procedures and frameworks are in place. The role ensures that existing and new services not only meet Business needs but are cyber risk managed based on ISO 27001 and best practice information security principles.


  • Ensure compliance with the Australian Government Information Security Manual and Protective Security Policy Framework
  • Maintain and improve ISO 27001 Compliance and how it applies to our contract
  • Investigate, document and report on information security issues and emerging trends
  • Perform log analysis, threat research and hunting, and cyber intelligence risk assessments
  • Act as the subject matter expert and provide advice to internal stakeholders on Cyber Security
  • Maintain policies, operational procedures and document processes
  • Develop and maintain security incident management and vulnerability management program
  • Support the IT infrastructure team in monitoring, analysing, and trending log data for many data sources
  • Lead, coordinate, and execute proactive information security advisory and guidance to the Business, technology and project teams covering cyber security, disaster recovery, management of data, user access management, and management of third parties
  • Peer review system changes to ensure security compliance and system/data integrity
  • Assist in responding to tender documents around our cyber security posture and assist in planning any uplifts required to meet required standards
  • Comply with all WHS procedures ensuring that team members including volunteers and contractors abide by all relevant health and safety procedures
  • Act as a role model by demonstrating safe work behaviours and report all accidents, incidents or near misses immediately. Comply with all WHS procedures ensuring that team members including volunteers and contractors abide by all relevant health and safety procedures.

Required Experience

  • Proven experience working in a multi-disciplinary team environment, building rapport and managing stakeholder expectations
  • Proven ability to uplift cyber capability
  • Experience in security incident and event management
  • Previous experience working in an organisation that has a highly regulated environment
  • Experience with regulatory, compliance and IT security management framework
  • Exposure to industry standard security frameworks (e.g. NIST, ASD, ISO27001, APRA CPS 234)
  • Development of security related documentation (policies, procedures, standards)
  • Exposure to the performance of penetration testing and vulnerability scanning
  • Exposure to cloud-based technologies
  • Knowledge of Jira
  • Develop Cyber security reports and dashboards.

Personal Attributes

  • Exceptional customer service orientation
  • Ability to handle multiple requests and prioritise
  • Strong interpersonal skills
  • Highly self-motivated
  • High levels of attention to detail
  • Naturally analytical and curios with a tendency to problem solve.

Key Skills

  • Ability to effectively communicate with stakeholders at all levels
  • Demonstrate strong customer service skills
  • Proven ability to analyse, interpret and present information back to stakeholders in user-friendly language to ensure a clear understanding
  • Prepare, read, comprehend and analyse a variety of complex reports, logs, spreadsheets, plans, documentation and correspondence
  • Speak to individuals or groups of people with poise, voice control and confidence
  • Ability to prioritise and execute tasks in a high-pressure environment
  • Experience working in a team-oriented, collaborative environment
  • Manage multiple high priority initiatives in a fast paced, highly technical environment
  • Successfully perform the planning, directing, reporting and administrative responsibilities of this
  • Strong Problem-Solving and Analytical Skills.

Qualifications/Requirements - Mandatory

  • BSc degree in Computer Science, Information Technology or relevant field
  • Minimum of 3 years’ experience working in a complex entity across ICT risk and security management
  • Australian Citizenship or Permanent Resident
  • We adhere to the National Principles for Child Safety and require all team members to be committed to child safety and wellbeing. Our induction and training will provide you with an understanding of these principles, including having an understanding of children’s developmental needs and culturally safe practices
  • Hold or have the ability to obtain a current Police Clearance and Working with Children Check.

Qualifications/Requirements – Preferred but not essential

  • Current Driver’s Licence.



IT Security Analyst

Apply On Company Site
Back to search page
;