Chief Information Security Officer

Canberra, Australia

Applications have closed

Company Description

Every person at Leidos plays an important and valued role bringing science, engineering and technology together to produce practical solutions for our customers’ most complex problems. It’s how we help to make the world safer, healthier and more efficient - work that matters and a mission, like those of our customers, we are passionate about. We’re open minded, ambitious and committed to enabling our people to do their best work, to be inspired by what they can achieve and the impact they can have.

Here in Australia, we’re agile and growing fast. Our 2,000 employees are busy building an enviable reputation for innovation and delivery. And, as part of a US-based organisation with 37,000 people and a 50 year history, we are able to draw upon world-leading technical expertise to help us provide the best solutions to our customers.

Job Description

Leidos Australia’s Defence Digital Solutions & Support Division (DDS&S) has an opportunity for a Chief Information Security Officer to shape, lead and execute the delivery of security across multiple technologies, functional areas and domains. Reporting to the Vice President, the successful candidate will be responsible for leading all aspects of security for Defence’s Chief Information Officer Group (CIOG) Centralised Processing (CP) facilities.

On a day to day basis the successful candidate will: 

  • Implement the necessary security, governance, process, supporting tool-sets and resources to deliver contractual security obligations 
  • Negotiate, agree and deliver to the Security Performance Index for performance measurement
  • Ensure ongoing accreditation of the platform elements and associated subsystems
  • Work closely with the customer security branch to ensure the Program’s alignment with all applicable security policies and standards
  • Provide leadership in the development of security models and subject matter expertise to Defence and program stakeholders
  • Ensure all program personnel are appropriately trained in relevant security matters and establish a program to ensure compliance
  • Be instrumental in driving engagement with both internal and external stakeholders to actively manage relationships and escalations 
  • Lead all aspects of CP Security, including GRC, Security (assurance) Architects, Data Centre Security, Security Operations Centre and Engineering functions
  • Define, implement, maintain and enforce security measures to monitor and detect security threats and vulnerabilities 
  • Be accountable for the prevention, detection and response to harmful code being introduced into the environment under management
  • Liaise and coordinate with internal and external assurance bodies, including the ANAO on behalf of the client
  • Be responsible for ensuring the security of the client’s Data Centres

Qualifications

Experience and Knowledge

  • Relevant experience as a Security SME, including Security Leadership Role/s and prior experience as a CISO/CSO or equivalent leadership position, preferably working for or consulting to outsourced Commonwealth clients
  • Demonstrable experience as a people leader, leading Security Engineering, 24*7 Security Operations Centre, Governance, Risk and Compliance (GRC), Security Architectural Assurance and Data Centre Security functions, including building and growing security teams
  • Proven experience in driving the development, implementation, delivery and support of information security strategy to assist, influence and support the client’s information security strategy, and in designing and delivering to meet the outcomes
  • Proven experience in actively managing relationships with senior client and internal stakeholders and acting as the ultimate escalation point for security issue resolution within the Division
  • Expert level experience in performing GRC functions in the Commonwealth Government context with a proven track record in achieving and maintaining large and complex System/Platform level Accreditations, Security Risk Management and Compliance Monitoring and Remediation  
  • Hold and maintain applicable Security Certifications and associated Professional Memberships to demonstrate skills and experience to internal and external stakeholders (CISA, CISM/CISSP, IRAP)
  • Experience in securing Data Centres to Australian Government (T4) Security Standards
  • Must have an active NV2 or have an NV1 and be eligible to achieve NV2

Additional Information

This position can be based in Melbourne or Canberra. If you are interested, please respond with your CV and cover letter by COB Friday 16th June.

At Leidos, we embrace diversity and are committed to creating a truly inclusive workplace. We welcome and encourage applications from Aboriginal and Torres Strait Islanders, culturally and linguistically diverse people, people with disabilities, veterans, neurodiverse people, and people of all genders, sexualities and age groups.


Tags: Agile CISA CISM CISO CISSP Compliance Governance Monitoring Risk management Security strategy Strategy Vulnerabilities

Region: Asia/Pacific
Country: Australia