Senior Cyber Security Analyst - Security Assessment and Testing, Ongoing opportunity based in Sydney CBD + hybrid working options

About the job
The Department of Customer Service (DCS) is looking for a Senior Cyber Security Analyst-Security Assessment and Testing to join our growing team. In this role, you will contribute to the operations, maintenance, enhancements and reporting of Application Security, Security Assessments and Vulnerability Management programs. This includes conducting/ coordinating of Application Security testing, Security Assessment, identification of vulnerabilities, governance of vulnerability remediation. This role is expected to contribute to the organisation's goals and objectives in proactively identifying vulnerabilities and weaknesses in systems and applications to maintain Security Posture of DCS and its agencies.

Benefits

• Ongoing opportunity in the Security Assessment and Testing team.
• Exposure to industry leading tools and platforms
• Salary Range $129,464 - $142,665+ super
• Excellent leave entitlements: 20 days annual leave, up to additional 24 days flexible leave and five days compassionate leave.
• Hybrid and flexible working options available, which would include two days in our office based in Sydney CBD

About Us
DCS is transforming the way NSW Government agencies interact with customers. We are passionate about putting the customer at the centre of everything we do and adopting new technologies to make government work better.

DCS is a service provider and regulator, focusing on delivering first-class customer service, digital transformation and regulatory reform to create better outcomes for the people of NSW.

The Security Assessment and Testing team is a key team within the Cyber and Information Security Office, responsible for Security assessments including Application Security, Penetration testing, identification, reporting and governance of Vulnerabilities.

This role is pivotal to help mitigate security risks across DCS and its agencies, whilst contributing to strengthening the security posture within the organisation.

Responsibilities include

• Implementation and maintenance of application security programs and application security testing in DevOps.
• Implement and maintain security testing tools in DevOps and develop procedures to enhance security and reduce manual effort.
• Collaborate with development, operations, and security teams to ensure security findings are addressed and share reports as needed.
• Operations and maintenance Vulnerability Management program ensuring security objectives and SLAs are met by internal staff and supporting vendors.
• Plan and coordinate cyber threat emulation activities and communicate technical findings and recommendations.
• Support the team in optimising processes and procedures to deliver effective, sustainable and high-quality security deliverables.
• Develop and lead projects with an aim to ensure continuous improvement of NSW Government's cyber security posture.
• Identify stakeholder requirements, prioritise workload and manage team portfolios to meet agreed outcomes and timeframes to ensure prompt resolution of issues.
• Keep up-to date with the latest trends and issues in IT and cyber security risks and solutions to provide recommendations on innovations and best practices to improve cyber security posture across NSW Government.

About you

• Technically minded with proven experience in DevSecOps, DevOps, or a related role.
• Strong knowledge of application security methodologies and testing tools for SAST and DAST (Static and Dynamic Application Security Testing).
• Experience with CI/CD tools such as Jenkins, GitLab CI/ CD, GitHub Actions, Azure DevOps etc.
• Experience with containerisation and orchestration tools (e.g., Docker, Kubernetes).
• Knowledge of infrastructure as code (IaC) tools (e.g., Terraform, Ansible).
• Familiarity with cloud platforms (e.g., AWS, Azure, GCP).
• Experience in ITSM and Ticketing systems is required.
• Proficiency in scripting languages (e.g., Python, Bash) is highly desirable.
• Candidates with experience in Vulnerability Management tools is an added advantage.
• Experience in managing Attack Surface Management and Exposure management tools is highly desirable.
• At least 5 years' experience in cyber security, technology or a related field.
• Relevant industry certifications such as SANS, CISSP, CEH, or AWS Certified Security - Specialty or any other relevant certifications in DevSecOps is highly desirable.
• A passionate understanding of the changing cyber security environment and a drive to uplift security response effectiveness.
• A collaborative team player who can work with technical and non-technical teams to ensure appropriate understanding of cyber security operations and capabilities.

What we need from you
To start your journey towards joining our team, please click on the link below and attach your resume (max 5 pages) and cover letter (max 2 pages).

In your cover letter please share your motivation for applying for this position and your relevant skills.

A talent pool may be created from this recruitment process to fill future ongoing and temporary opportunities.

Salary Grade 9/10, with the base salary for this role starting at $129,464 base plus superannuation

Click Here to access the Role Description. For enquiries relating to recruitment please contact Nicole Turner via [email protected].

Visit the Capability Application Tool to prepare for the recruitment process by accessing practice application and interview questions based on the focus capabilities listed in the role description.

Closing Date: Monday 11th August at 10am

Careers at Department of Customer Service
A career at the Department of Customer Service (DCS) gives you the opportunity to help improve government services and be part of reform that benefits people across NSW. We are focused on delivering excellent customer service, digital transformation, and regulatory reform. Come join us and influence the future of our great state.

Belong in our diverse and inclusive workplace

The strength of our workforce lies in its diversity and embracing difference, while the key to our success is leveraging the contributions of employees with different backgrounds and perspectives.

You can view our full diversity and inclusion statement here.

We want you to bring your best self to this application process. If you have any support or access needs that may require adjustments to allow you to fully participate in this selection process (including an alternate format of the application form) please contact [email protected] or 02 9494 8351.

For more information, please visit

Information on some of the different types of disabilities

Information on adjustments available for the recruitment process