Cyber Security Consultant

Azooa

Azooa is preparing a response for RFQ ICTSO-27-0001 – Multiple ICT Security Positions and is seeking suitably qualified contractors for multiple cyber security roles supporting the Army ICT Security Office within G6 – Army Headquarters. These roles support Army’s service-level cyber security capability across vulnerability and patch management, cyber security incident management, and cyber security policy/advice functions.

Roles Available

Azooa is seeking candidates for the following roles:

  1. Vulnerability & Patch Management Officer
  2. Cyber Security Incident Manager
  3. Cyber Security Advice Officer

Overview

The Army ICT Security Office requires specialist ICT security resources to support Army’s ability to sustain cyber security functions and mitigate cyber security risks specific to Army.

The requirement is focused on providing SME capability across:

  • ICT security incident response
  • Vulnerability and patch management
  • Cyber security policy and advisory services
  • Security compliance and reporting
  • Risk identification, mitigation and stakeholder engagement

All roles are onsite at Army Headquarters, Canberra ACT, and require strong engagement with Defence stakeholders including ADF, APS and Defence contractors.

Core Purpose

The core purpose of these roles is to support Army’s ICT security capability by providing specialist services across vulnerability management, patch compliance, cyber security incident coordination, policy development, governance, security advice, compliance reporting and cyber risk mitigation.

Scope / Responsibilities

1. Vulnerability & Patch Management Officer

This role will support the Army IT Security Manager by:

  • Monitoring and distributing vulnerability and patch notifications.
  • Working with stakeholders to develop a system compliance toolset covering vulnerability and patch management.
  • Compiling vulnerability and patch compliance reporting.
  • Coordinating whole-of-Army returns on patch status.
  • Alerting relevant authorities to non-compliance.
  • Refining and documenting the Continuous Reporting Policy.
  • Defining rules and governance for systems in operation.
  • Linking continuous reporting to ICT System Assessment and Authorisation requirements.
  • Developing and maintaining a Continuous Reporting Plan template for System Owners and System Managers.
  • Managing Army ICT Security Office Requests for Information.
  • Monitoring and managing the Vulnerability and Patch Management inbox.
  • Providing Army advice on vulnerability and patch management.
  • Participating in formal meetings and working groups on behalf of ITSM-A.
  • Providing specialist advice to Defence stakeholders.
  • Identifying gaps, risks and issues.
  • Managing obstacles that may impact successful execution.
  • Collaborating with ADF, APS and Defence contractors.
  • Self-managing hours and advising ITSM-A of contractual risks.

2. Cyber Security Incident Manager

This role will support Army-wide cyber security incident coordination by:

  • Managing and coordinating cyber security incident response on behalf of the Army IT Security Manager.
  • Supporting potentially sensitive or classified incidents, including incidents that may involve insider threat considerations.
  • Developing, distributing and managing cyber security incident management practices, processes, direction and policy.
  • Supporting Disaster Recovery and Business Continuity Plan practices and processes.
  • Monitoring threat and risk reporting channels.
  • Reporting incident statistics and individual incident status.
  • Conducting security risk assessments.
  • Providing alerts and advice to Army ITSM, Army security staff and Senior Leadership.
  • Developing and maintaining cyber security incident records.
  • Providing cyber security incident response mentorship, guidance and advice.
  • Managing Army’s compliance with Defence and Whole of Government cyber security policy.
  • Supporting compliance with ISM, PSPF and DSPF requirements.
  • Applying relevant standards and best practices, including ISO and NIST.
  • Representing Army ITSM in internal and external incident response coordination.
  • Providing update briefs and applying direction during incident response activities.
  • Being available at short notice to provide coordination and advice on incident management.
  • Building relationships with ITSMs and ITSOs across Army.
  • Supporting training, policy requirements, cyber exercises and tabletop activities.
  • Providing specialist advice to working groups and senior committees.

3. Cyber Security Advice Officer

This role will provide cyber security policy, governance and advisory support by:

  • Understanding Defence and Army cyber security policies, including DSPF, PSPF and ISM.
  • Developing and managing Army ICT security policy, guidance and direction.
  • Aligning policy and guidance with PSPF, DSPF, ISM, specified ISO standards, NIST, DDG/JCG direction and Army directives.
  • Providing policy advice to the Cyber Security Authority – Army.
  • Advising IT Security Manager – Army and Functional Command ITSMs.
  • Supporting compliance with Defence, Whole of Government, Australian and international standards.
  • Managing and maintaining records of RFIs and advice provided.
  • Releasing technical and policy guidance information circulars, technical bulletins and related documents.
  • Maintaining awareness of cyber security trends.
  • Advising ITSM-A and Senior Leadership on training, policy and governance improvements.
  • Supporting the ongoing maturation of Army cyber security capability.
  • Ensuring Army ICT Security Office practice and policy aligns with broader Defence and Whole of Government requirements.
  • Maintaining stakeholder relationships with DDG, JCG, ASD and Army stakeholders.
  • Conducting risk assessments and developing/executing mitigations for identified Army cyber security threats.
  • Supporting internal and external cyber security training requirements with SME advice.

Key Deliverables

Depending on the role, key deliverables may include:

  • Vulnerability and patch notifications.
  • Patch status coordination and compliance reporting.
  • Continuous Reporting Policy documentation.
  • Continuous Reporting Plan templates.
  • RFI management and advice records.
  • Cyber security incident response coordination.
  • Incident management practices, processes, direction and policy.
  • Disaster Recovery and Business Continuity Plan inputs.
  • Threat, risk and incident reporting.
  • Security risk assessments.
  • Cyber security incident records.
  • Senior leadership briefings and specialist advice.
  • Technical bulletins, information circulars and policy guidance.
  • Cyber security training and tabletop exercise support.
  • Meeting inputs, working group support and governance advice.
  • Contract and performance reporting contributions where required.

Mandatory / Essential Criteria

Candidates should be able to demonstrate:

  • Minimum five years’ experience in ICT security management.
  • Demonstrated experience relevant to the selected role’s Scope of Work and Statement of Duties.
  • ICT security and/or policy development experience.
  • Essential Eight
  • Information Security Manual
  • Defence Security Principles Framework
  • Protective Security Policy Framework
  • Ability to engage effectively with Defence stakeholders including ADF, APS and contractors.
  • Ability to operate flexibly in a dynamic Defence cyber security environment.
  • Strong written and verbal communication skills.
  • Ability to identify gaps, risks and issues.
  • Ability to participate in formal meetings, working groups and senior forums.
  • Ability to self-manage hours and meet contractual obligations.
  • Ability to work onsite at Army Headquarters in Canberra.

Role-Specific Desirable Criteria

Vulnerability & Patch Management Officer

Highly regarded experience/certifications include:

  • CISSP or equivalent.
  • ISO 27001:2022 Lead Auditor or equivalent, such as:
      • Certified Information Systems Auditor
      • GIAC Systems Network Auditor
      • Certified in Risk and Information Systems Control
  • Knowledge and experience with PowerBI or similar data visualisation tools.
  • Knowledge of Defence Deployed ICT.

Cyber Security Incident Manager

Highly regarded experience/certifications include:

  • CISSP or equivalent.
  • SANS SEC504: Hacker Tools, Techniques & Incident Handling, or equivalent incident handling training.
  • ITIL v3 or demonstrated equivalent experience.
  • Knowledge of Defence Deployed ICT.
  • Experience with ISO, NIST, ISM, PSPF and DSPF-aligned incident response environments.

Cyber Security Advice Officer

Highly regarded experience/certifications include:

  • CISSP or equivalent.
  • CISM or GIAC Security Leader Certification.
  • ISO 27001:2022 Lead Auditor or equivalent, such as:
      • Certified Information Systems Auditor
      • GIAC Systems Network Auditor
      • Certified in Risk and Information Systems Control
  • Knowledge of ICT governance and security tools such as RSA, Archer and C2M2.
  • Knowledge of Defence Deployed ICT.
  • Experience providing cyber security policy and governance advice in Defence or Federal Government environments.

Engagement Details

  • RFQ: ICTSO-27-0001
  • Work Order Title: Multiple ICT Security Positions
  • Client environment: Army ICT Security Office, G6 – Army Headquarters
  • Location: Army Headquarters, Canberra ACT
  • Work arrangement: Onsite
  • Indicative effort: 220 days per role, based on 8-hour days
  • Key Positions: Yes
  • Clearance: Minimum NV1 security clearance

SFIA and Maximum Rate Guidance

Please note that the maximum hourly rates below include super.

Vulnerability & Patch Management Officer

  • SCTY-4 maximum rate: $144.39/hour including super
  • SCAD-4 maximum rate: $128.93/hour including super
  • SYSP-4 maximum rate: $124.75/hour including super

Cyber Security Incident Manager

  • BPTS-4 maximum rate: $99.01/hour including super
  • SCAD-4 maximum rate: $128.93/hour including super
  • USUP-4 maximum rate: $122.96/hour including super

Cyber Security Advice Officer

  • TECH-4 maximum rate: $182.27/hour including super
  • SCTY-4 maximum rate: $144.39/hour including super

Please provide your expected rate including super for the role or roles relevant to your experience.
