Cyber Engineer — Land C4 Modernisation (LAND 4140)
Land Communications & Specialist Systems SPO (LCSS SPO) is seeking a suitably qualified and experienced Cybersecurity Certification Consultant to operate as an embedded part of the Land C4 Systems Branch within the Communications Delivery Team (CDT). This role sits within CASG supporting the LAND 4140 program.
Overview
The Land C4 Modernisation Project will deliver next-generation Land Command, Control, Communications and Computing capability into the Joint Land Force, modernising and enhancing Land C4 systems at the operational and tactical level. The successful candidate will be a cybersecurity professional who works effectively in a complex environment, thinks critically, applies excellent problem-solving skills and manages competing priorities with a focus on mitigating risks.
Key Responsibilities
Assessment and Authorisation
- Provide System Assessment and Authorisation activities as directed by the CDT Engineering Manager
- Conduct activities in accordance with the ASD Information Security Manual (ISM), Protective Security Policy Framework (PSPF), Defence Security Policy Framework, and the Cyber Security Assessment and Authorisation (CSAA) Charter
- Perform security assessments using Operational Effectiveness Reviews (OER) as the default approach, with Design Effectiveness Reviews (DER) where justified
- Audit the effectiveness of system security controls implemented across CDT capability systems
- Develop and deliver assessment artefacts including Security Assessment Reports (SAR), ATO briefs, risk statements and recommended remediation actions
Risk Identification and Analysis
- Identify, analyse, evaluate and escalate cyber security and business risks
- Identify and assess vulnerabilities associated with security exceptions, software defects, and architecture or design weaknesses
- Assess system security architecture and services using structured threat modelling methodologies
- Protect the Confidentiality, Integrity and Availability (CIA) of Defence information and systems
- Review system security documentation, policies and procedures for alignment with Defence and Australian Government requirements
- Support configuration governance including Change Control Boards (CCB), providing risks, mitigations and options for Executive Authority acceptance
Advisory and Stakeholder Engagement
- Provide cyber security advice within the defined assessor scope of the CDT
- Support the CDT in understanding and mitigating cyber security risks impacting capability delivery within the BTN and TCN environments
- Build and maintain effective relationships with sustainment products, integrated delivery teams, and operational and security stakeholders
Essential Criteria
- Qualifications and/or professional experience suitable for eligibility to obtain DCIAB–CSAA endorsement as a Cyber Security Assessor (e.g. CISSP, CISM, ISO 27001 Lead Auditor, IRAP accreditation)
- Knowledge/experience of radio and satellite communication systems and/or Defence-specific systems
- Understanding of modern networking, computers and operating systems
- Demonstrated ability to produce high-quality technical reports
- Ability to work in a team
- Current NV1 security clearance (minimum)
- Ability to work on site a minimum of 3 days per week
Desirable Criteria
- Extensive industry and specialty experience in cybersecurity within communications (radio and satellite)
- Strong understanding of ICT architectures, networks, platforms, and cyber/security compliance and governance within Defence
- Comprehensive understanding of Defence systems including C4 capabilities
- Previous Defence, Army or CASG experience
- Experience assessing and evaluating risk
- Creativity and innovation in applying solutions for the benefit of stakeholders
Work Arrangements
Locations: Defence Plaza Melbourne or Canberra (R2 only). Candidates cannot be accepted outside of these locations. Minimum 3 days per week on site.
Term: ASAP start through to 30 June 2027, with possible extension. Contracting model is Time & Materials.
Export Control Notice
This position may require access to US export-controlled materiel. Applicants will be asked to disclose any dual citizenship and country of birth. Dual citizens may be subject to further assessment, and appointment is conditional upon approval to access US controlled export material in accordance with the United States Arms Export Control Act.