Summary

Our client is a very high-profile Public Sector agency.

They have a very good IT team, split across Canberra and Sydney.

This role can be located in either city, though there is some preference for Sydney.

Work will be carried out as Hybrid – generally 2 days office / the rest WFH.

They are looking for a senior IT Security Architect to come in for an initial 12 month contract, and the role has strong potential for a further 12-24 months after that. As such, it would suit someone who usually works in permanent roles as well as contractors.

Due to the nature of the client organisation's “business”, IT security is absolutely critical with regards to their systems, so they will have a very keen eye on choosing a suitable person for this role.

Also, to apply for this role you must, at a minimum, have a current federal government Baseline security clearance, and be able to have that extended to an NV1 during the contract. (If you already have an NV1, all the better.) If your security clearance is not in your resume, you will not receive a call back.

We will be accepting resumes until COB Tuesday 12 August.

We will, however, be reviewing resumes progressively as they come in, and unlike most recruiters, we read every resume. If you feel your experience significantly matches the details below, please do not delay applying.

Responsibilities

In this role, working as an IT Security Architect, amongst others, you will have the following responsibilities:

Development of security architectural methods and frameworks in conjunction with relevant teams;

Provide security specific advice across a wide range of tech areas;

Ensure the correct security measures and controls are in place and maintained in the lifecycle of solutions;

Ensure that solutions adhere to security policies and standards;

Support solutions development to ensure that solutions are secure by design;

Assist with development of the Security Service Catalogue;

Develop security artefacts for cloud environments ;

Assist in determining the baseline security configuration standards for systems (especially cloud-based);

Experience with Microsoft and AWS cloud solutions that includes the security controls;

Knowledge of third-party products that would contribute to the securing, governance and operations related to a Microsoft and/or AWS cloud environment;

Work closely with selected security vendors.

Essential skills and Experience

Please note that this list is long, but very important to the client.

If you do not cover the majority of those below, please do not apply.

At least 7 years of experience in an IT Security Architect developing and using security architecture methodologies;

Demonstrated experience in securing on-prem and cloud implementations to PROTECTED standards for workloads and data;

Demonstrated experience working with PROTECTED systems and in their integration with cloud services;

Demonstrated performance of security design/architecture reviews, code reviews, and penetration tests of large applications, systems and/or networks;

Detailed knowledge of OWASP Top 10 and associated mitigation strategies;

Detailed understanding of design and security in web-based architectures including Single Page Applications and API-oriented architectures;

Understanding of, and preferably experience in implementing Zero-Trust principles;

Knowledge of securing on-prem and cloud infrastructure systems including Microsoft and Linux oriented architectures;

Knowledge of security standards and frameworks such as PSPF, ISM, ISO 27000, NIST and SOC2;

Proven track record and strong experience in domains such encryption, access and identity management, vulnerability management;

A proven track record of working with infrastructure and development teams to build secure solutions.