SCIF Accreditation Specialist (PROJ-4311)
Job Description
Remote is seeking SCIF Accreditation & Assurance Specialists to join the team at ASD. The SCIF Accreditation & Assurance Specialists will provide ICT security advice and assistance to government, including policy creation, project advice and assistance, and research. They will have experience in the construction and/or administration of high security sites including Sensitive Compartmented Information Facilities (SCIFs) to coordination of site certification and accreditation. Their duties will involve identifying security vulnerabilities and deliver planning directives to the facility design and construction workforce. The engaged officer must be able to work with other SCIF stakeholders to review site plans and undertake inspections to ensure building design is compliant with relevant Australian Government security protocols. The officer will also mitigate security risks to ASD sites, personnel, information and capabilities through the delivery of security risk assessments, treatment plans, preparing standard operating procedures, and liaising with various security and certification teams.
Role Description
Essential criteria
- Provides detailed and specific advice regarding the application of their specialism to the organisation's planning and operations. Actively maintains knowledge in one or more identifiable specialisms. Recognises and identifies the boundaries of their own specialist knowledge. Where appropriate, collaborates with other specialists to ensure advice given is appropriate to the organisation's needs.
- Maintains operational security processes and checks that all requests for support are dealt with according to agreed procedures. Provides advice on defining access rights and the application and operation of elementary physical, procedural and technical security controls. Investigates security breaches in accordance with established procedures and recommends required actions. Provides support and checks that corrective actions are implemented.
Desirable criteria
- Collates and analyses information for threat intelligence requirements from a variety of sources. Contributes to reviewing, ranking and categorising qualitative threat intelligence information. Creates threat intelligence reports. Evaluates the value, usefulness and impact of sources of threat intelligence sources.
- Understands local (organisation or project) Information Security Governance processes. Undertakes Information Security Governance tasks under supervision. Recognises and addresses non-compliance and makes recommendations for change.
- Drafts or reviews components of Information Security strategy at programme or project level and/or contributes to organisational IS strategy.