Location
Canberra, ACT, Australia
Posted
July 10, 2026
Job Description
Provide system assessment and authorisation activities as directed by the client engineering manager. Conduct assessment and authorisation in line with ASD ISM, PSPF, relevant security policy frameworks and CSAA methodology, templates and guidance. Perform security assessments using Operational Effectiveness Reviews (OER) and Design Effectiveness Reviews (DER) where justified. Audit the effectiveness of system security controls implemented across client capability systems. Develop and deliver assessment artefacts including Security Assessment Reports, ATO briefs, risk statements and recommended remediation actions. Identify, analyse, evaluate and escalate cyber security and business risks. Assess vulnerabilities associated with security exceptions, software defects, architecture weaknesses and design weaknesses. Assess system security architecture and services using structured threat modelling methodologies. Review security documentation, policies and procedures to confirm ali...