Governance, Risk and Compliance (GRC) Lead
Canberra, Australia
Applications have closed
Company Description
At Leidos we bring together science, engineering and technology to deliver smart solutions to our customers’ most complex challenges. Great ideas are our currency and every person here is encouraged and enabled to be curious, open-minded and confident in bringing theirs to the table - to be inspired by what they can achieve and the impact they can have.
Job Description
Passionate about Governance, Risk and Compliance (GRC)? This Lead position is pivotal in ensuring the ongoing ICT security accreditation for a major program delivering ICT infrastructure here in Canberra.
This permanent role is responsible for providing services to ensure compliance with the applicable Information Assurance (IA) frameworks, policies, and standards (with particular focus on the Information Security Manual (ISM) and Defence Security Manual (DSM)).
Duties include, but are not limited to:
- Develop, implement and maintain security governance, including security frameworks, policies, and standards, for a major ICT infrastructure program in accordance with the Information Security Manual and Defence Security Manual.
- Develop, implement and maintain the Security SOPs and SSPs supporting certification and accreditation for the service being delivered.
- Develop certification and conformance evaluation criteria to ensure successful system acceptance.
- Maintain and improve the system security documentation package.
- Liaise with service delivery areas, client management and client security areas to ensure security processes are effective and have been implemented in the Service Delivery areas.
- Conduct routine audits to validate the certification and conformance readiness state to achieve System Certification and Accreditation.
- Lead identification, implementation and review of the full range of I&A measures to ensure certification and accreditation is maintained in a complex environment.
What you'll bring
- Experience in performing and/or successfully preparing for iRAP assessments, certification and accreditation across ICT infrastructure delivery;
- Hands-on or technical security compliance audit experience across a range of platforms including networks, Windows, Unix and Linux in a Government context;
- Substantial experience designing and developing IA frameworks, policies, and standards for mid-to-large organisations and in leading IA plans and projects.
- Substantial experience collaborating with business partners, application development, and technical teams to establish objectives and ensure that these objectives are satisfied.
- Experience or demonstrated knowledge in applying policy and compliance assessment at a technical level across networks, Windows and Unix/Linux environments.
Qualifications
Highly Desirable
- Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience and specialised training commensurate with assignment;
- Applicable security certifications, such as CISSP, CISA, CISM;
- Current iRAP or desire and ability to become iRAP;
- Must hold a minimum of NV1 OR NV2 clearance.
Additional Information
Due to the nature of the role, the successful candidate must be an Australian Citizen, hold a government NV-1 security clearance, with the expectation of obtaining an NV-2.
At Leidos you’ll enjoy 12 weeks’ paid parental leave as a primary carer, flexible work practices, discounted health insurance, novated leasing and more. Foster your career through complete access to learning and development and mentoring opportunities; we have a strong track record of internal promotion and career transitions.