Governance, Risk and Compliance (GRC) Lead

Canberra, Australia

Applications have closed

Company Description

At Leidos we bring together science, engineering and technology to deliver smart solutions to our customers’ most complex challenges. Great ideas are our currency and every person here is encouraged and enabled to be curious, open-minded and confident in bringing theirs to the table - to be inspired by what they can achieve and the impact they can have.

Job Description

Passionate about Governance, Risk and Compliance (GRC)? This Lead position is pivotal in ensuring the ongoing ICT security accreditation for a major program delivering ICT infrastructure here in Canberra. 

This permanent opportunity will be responsible for providing services to ensure compliance with the applicable Information Assurance (IA) frameworks, policies, and standards (with particular focus on Information Security manual (ISM) and Defence Security Manual (DSM). 

Duties include, but not limited to:

  • Develop, implement and maintain security governance, including security frameworks, policies, and standards, for a major ICT infrastructure program in accordance with Information Security Manual and Defence Security Manual.
  • Develop, implement and maintain the Security SOPs and SSPs supporting certification and accreditation for the service being delivered;
  • Develop certification and conformance evaluation criteria to ensure successful system acceptance.
  • Maintain and improve the system security documentation package 
  • Liaise with service delivery areas, client management and client security areas to ensure security processes are effective and have been implemented in the Service Delivery areas.
  • Conduct routine audits to validate the certification and conformance readiness state achieve System Certification and Accreditation.
  • Lead identification, implementation and review of the full range of I&A measures to ensure certification and accreditation is maintained in a complex environment.

 

What you'll bring

  • Experience in performing and/or successfully preparing for iRAP assessments, certification and accreditation across ICT infrastructure delivery;\
  • Hands on or technical security compliance audit experience across a range of platforms including networks, Windows, Unix and Linux in Government context; 
  • Substantial experience designing and developing IA frameworks, policies, and standards for mid-to-large organisations and in leading IA plans and projects..
  • Substantial experience collaborating with business partners, application development, and technical teams to establish objectives and ensuring that these objectives were satisfied.
  • Experience or demonstrated knowledge in applying policy and compliance assessment at a technical level across networks, Windows and Unix/Linux environments.

Qualifications

Highly Desirable

  • Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience and specialised training commensurate with assignment;
  • Applicable security certifications, such as CISSP, CISA, CISM;
  • Current iRAP or desire and ability to become iRAP;
  • Must hold a minimum of NV1 OR NV2 clearance. 

Additional Information

Due to the nature of the role, the successful candidate must be an Australian Citizen, hold a government NV-1 security clearance, with the expectation of obtaining an NV-2.

At Leidos you’ll enjoy 12 weeks’ paid parental leave as a primary carer, flexible work practices, discounted health insurance, novated leasing and more. Foster your career through complete access to learning and development and mentoring opportunities, we have a strong track record of internal promotion and career transitions. 

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits CISA CISM CISSP Clearance Compliance Computer Science Governance Linux Security Clearance System Security Plan UNIX Windows

Perks/benefits: Career development Parental leave

Region: Asia/Pacific
Country: Australia
Job stats:  3  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.