Position Overview

This position is responsible for helping the Entity to protect, detect, and respond to cyber security threats. The successful candidate will be required to act as a productive member of the Cyber Security team within the GRC function and will have knowledge of the Protective Security Policy Framework (PSPF), the Information Security Manual (ISM), as well as risk management practices, and how to implement them into the Entity.

The successful candidate will support the GRC function with policy development, risk analysis, promoting cyber safe behaviours, report writing, and engaging proactively with various stakeholders.

Key Responsibilities and Duties

• Perform security risk assessments using the Entity Risk Management Framework, and cyber security frameworks such as the ISM, and PSPF.
• Create security documentation including Security Risk Management Plans (SRMP), and System Security Plans (SSP)
• Provide input into system designs to achieve ‘security by design’ in systems and services.
• Liaise proactively with System Owners, Project Managers, and other stakeholders to develop risk treatment plans.
• Audit and report on risk treatments, privileged access, and vulnerability management.
• Monitor work queues and mailboxes to provide security help and expert advice.
• Advise stakeholders on security policy, procedures, and best practice.
• Provide input into security policy
• Work collaboratively in a multi-disciplinary environment, fostering teamwork and group activities.

Qualifications and Experience

• Experience performing security risk assessments and applying the PSPF and ISM would be highly regarded.
• Experience in vulnerability management would be beneficial.
• Understanding of Azure from security perspective would be highly regarded.
• An ICT background would be beneficial.
• Certifications and qualifications such as CRISC, CISM, ISO:27001, CISSP would be highly regarded.

Selection Criteria

1. Demonstrated ability to apply critical thinking to perform security risk assessments and create management plans.
2. Ability to offer technical security advice and choose appropriate security controls.
3. Proficiency in applying security practices and principles, including vulnerability management, and adherence to industry standards.
4. Ability to create reports and provide appropriate recommendations to achieve security outcomes.
5. Excellent written, verbal, and interpersonal skills.

Eligibility

Employment with the Court is subject to the conditions prescribed in the Public Service Act 1999, and the following:

1. Australian citizenship – the successful applicant must hold Australian citizenship.
2. Security and character clearance – the successful applicant must satisfy a Police Records Check and must have, or be able to obtain and maintain a NV1 security clearance
3. Successful applicants engaged into the APS will be subject to a probation period.

Interested candidates who have received a redundancy benefit from an APS agency are welcome to apply but note that they cannot be engaged until their redundancy benefit period has expired.

Diversity and Inclusion

Federal Court Australia is committed to supporting an inclusive and diverse workforce and welcomes and encourages applications from People with Disability.

First Nations peoples, LGBTIQA+ people, people from Culturally and Linguistically Diverse backgrounds, Mature age workers, as well as young workers and supporting an inter-generational workforce and supporting gender equity and families.

Federal Court Australia will provide reasonable adjustments for candidates to participate equitably in the recruitment process and discuss workplace adjustments to fulfil the inherent requirements of the role.

RecruitAbility

RecruitAbility applies to this vacancy. Under the RecruitAbility scheme you will be invited to participate in further assessment activity for the vacancy if you choose to apply under the scheme; declare you have disability; and meet the minimum requirements for the job. For more information visit: https://www.apsc.gov.au/recruitability

Contact Officer

For more information, please contact Chris Leeming, Director, Cyber Security via telephone 02 6113 9371 or email [email protected].

How to apply

To apply, please complete the application form on the Court’s careers portal.

As part of your application, you will be required to submit a two-page response outlining your suitability for this position having regards to the selection criteria and duties of the position which are described in the position description (maximum word limit 1000). Please ensure this document is attached before submitting your application.

If you have any issues with applying, please email [email protected]

Application Close: Wednesday 04 June 2025, at 11:30 pm (AEST)

Aboriginal and Torres Strait Islander people are strongly encouraged to apply.