Cyber & Systems Architect
North East Water
Position Description
Cyber and Systems Architect
It’s an exciting time to join
We’re transforming the way we do business with significant investment in customer, digital and business innovation, re-
designing our infrastructure to service communities for generations to come and pursuing a circular economy so we can
not only reduce our environmental footprint but also reduce energy costs to keep customer bills affordable. We’re also
engaging communities to achieve better outcomes and supporting our incredibly talented and valued leaders and people.
Organisational Context
east Victoria across an area of 20,000 square kilometres. The service delivery area is bound by Corryong, Yarrawonga,
Benalla and Dartmouth. We operate 21 water treatment facilities and 22 wastewater treatment plants that service most
towns across the region. Over 200 full time equivalent staff are employed at our centres in Wodonga, Wangaratta, Benalla,
Yarrawonga, Corryong, Beechworth, Mount Beauty and Myrtleford.
Our operations are overseen by the Department of Energy, Environment and Climate Action (DEECA) on behalf of the
Minister for Water, and the Department of Treasury and Finance (DTF) on behalf of the Treasurer. We continue to invest in
innovative and long-term capital projects which contribute to the health and well-being of current and future generations.
Our Commitment to Health and Safety
from bullying and harassment for all employees, contractors, customers and visitors. We prioritise the health, safety
(physical and psychological) and wellbeing of all staff and customers.
Transformational Leadership Competencies
- Business, strategy and negotiation acumen.
- Agility and adaptability.
- Program and change management.
- Communicator, connector, influencer, relationship builder.
- Opportunity focused, growth mindset.
- Developing, coaching and supporting others.
- Leading hybrid teams.
- Management essentials (safety first, planning, budgeting, delivery, people management,
continuous improvement, opportunity and risk management).
Our Mindsets
At
where our people are aligned with our business direction, proud of their contribution to business performance, and own a
culture that is centred on the following mindsets:
- Committed to advancing and supporting people to succeed.
- Consistent in interactions with people and in applying processes.
- Provide empathy for people and be willing to place oneself in another person’s position.
- Accountable for one’s own actions and responsibilities and playing your part for the success of the
organisation.
- Cooperative with others to work towards the Corporation’s common goals.
Position Objectives
The Cyber and Systems Architect:
- Partners with all members of the Digital and Commercial Innovation team to develop and implement North East
Water’s cyber-security and systems strategies, designs and processes.
- Oversees large and complex change and procurement within the team, and provides expert and independent
evaluation of products, services and vendors that is aligned to
policies.
- Fulfils the role of the corporation’s Corporate Information Security Officer (CISO), with oversight of all aspects of
and information communication technology security for the corporation’s information systems and assets.
- Assists with the coordination and planning to secure infrastructure, services and data to meet future requirements
of the corporation and its customers.
- Provides legislative and statutory security services and advice in accordance with the corporation’s information
security functions.
- Provides a clear understanding of the technical and regulatory landscape within which
including the Victorian Protective Data Security Framework (VPDSF) and Victorian Protective Data Security
Standards (VPDSS).
Key Responsibility Areas
Strategic:
- Setting the overall architecture of
core platforms.
- Where required, providing expert cyber security advice to the SLT, ELT, Board and board-committees.
- Providing clear communication, education and training to staff, both planned and on-demand.
- Working with all stakeholders to improve our whole of organisation response to cyber security.
- Supporting the management of vendors, tracking industry and technology change and relating it back to the
teams’ strategies and objectives.
- Tracking the benefits of technology investment and using this to influence further strategy.
- Working with the Team Leader IT Operations to coordinate systems and cyber strategy implementation.
- Leading the Digital team on large projects and investments.
Operational:
- Participating in internal and external audits in relation to cyber security practices, data practices, and core platform
practices within the organisation, while working with the team to implement improvements.
- Leading and managing key cyber security vendor discussions and reporting on events, alerts, incidents and
opportunities to improve.
- Participating in risk evaluations with a cyber security focus, in relation to new projects that support North East
Water’s digital transformation.
- Providing operational updates to the DGS, DEECA and other Victorian government agencies as required.
- Working with third party vendors to establish compliance with required security standards.
- Ensuring activities undertaken comply with relevant legislation, regulatory and statutory obligations and
responsibilities.
- Monitoring industry trends and best practices and relates them back to
- Identifying and implementing solutions to problems to meet the business systems requirements of all users within
- Securing cloud platforms and integrations between on-prem and cloud.
- Reviewing incidents and outages within the Digital branch and providing recommendations for improvements.
- Assisting in the management and delivery of projects within the Digital branch of the team.
- Continually reviewing all systems within the Digital branch to ensure performance, security, compatibility,
availability, capacity and supportability is met, including locating and implementing fixes.
- Working with the Team Leader IT Operations to coordinate day-to-day systems and cyber delivery.
Organisational Relationships
This role reports to the Manager Digital. The Cyber and Systems Architect liaises with all internal stakeholders, peers in
water corporations or local government, government agencies and members of the public.
Accountability and Extent of Authority
- Accountable to the Manager Digital.
- Responsible for the role of CISO for the organisation and ensuring compliance with cyber security policy, standards,
regulations and legislation.
- Provide organisation-wide advice to improve security to mitigate Cyber incidents.
- This role will lead the direction and implementation of cybersecurity at the organisation, decisions will be made in
consultation with the team and in conjunction with the General Manager Digital and Commercial Innovation.
- Accountable to the Manager Digital in the provision of legislative and statutory security services and advice as it
pertains to the corporation’s information security functions.
Judgement and Decision Making
- Ability to act in an independent and responsible manner with demonstrated initiative and drive.
- Identify and develop policy options for consideration by management.
- Assist in the selection and implementation of IT security controls including upgrading existing software and services
as well as procuring new services where required.
- Adhere to the organisation’s procurement policy and procedure when acquiring new services.
- Ensure new services have the required security classification (i.e. ISO 27001 certification) and are able to securely
connect to our infrastructure.
- Use appropriate policy and procedures to solve problems of a complex nature, providing alternative options and
recommendations.
Specialist skills and knowledge
- Ability to analytically and systematically assess and improve both technical and business operations.
- Expert knowledge in managing security in a complex, and highly available environment.
- Deep knowledge of helpdesk operations, system administration, cyber operations, core platforms and GIS.
- Deep knowledge of systems architecture, design and related practices.
- Knowledge and ability to progress
- An understanding of the long-term goals of
particular relating to the following:
- Victorian Protective Data Security Standards V2.0
- Privacy and Data Protection Act 2014
- Strong understanding of the technical and regulatory landscape within which the corporation operates, including
the Victorian Protective Data Security Framework (VPDSF) and Victorian Protective Data Security Standards (VPDSS).
- Ability to implement software configuration and new services to progress VPDSF (and any other security
frameworks we are required to comply with) to improve the security of the organisation.
- Knowledge of electronic information and how it is stored, processed and communicated.
- Technical competence in ICT security and the application of security measures.
Management Skills
- Highly skilled in managing time and setting priorities, with the ability to achieve objectives and set goals, taking
account of organisational and external constraints and opportunities.
- Skilled in setting priorities to achieve goals despite conflicting pressures.
- Ability to handle a variety of issues concurrently with limited day-to-day supervision.
Interpersonal Skills
- Ability to lead by example and demonstrate advanced communication skills.
- Ability to persuade, influence and gain cooperation from both within the corporation and externally.
- Ability to inform and communicate with the senior leadership team and Board.
- Demonstrated ability to work with a range of stakeholders, e.g. other government entities, and internally
within the business.
- A professional level of spoken and written communication skills, (i.e. report writing and board
presentations).
- Ability to maintain strict confidentiality when interacting with secured data and/or documents.
- Ability to maintain ethical and transparent working relationships.
- Ability to provide leadership and guidance on information security to all areas of the corporation.
- Represent the organisation at external working groups (IT Special Interest Group), and committees.
Qualifications and Experience
- Extensive knowledge and considerable experience in information technology with knowledge of applicable software
and hardware systems, and particularly Microsoft technologies.
- Experience in securing cloud platforms and integrations between on-prem and cloud is advantageous.
- A relevant degree or alternatively, this may be acquired through other qualifications, together with extensive and
diverse experience, or intensive specialist experience.
- The position will require a current driver’s licence as security assets may be located at sites across the service area.
Requirements of Employment
Employees of
Health, Safety and Wellbeing
- Ensure the health, safety and wellbeing of yourself and others.
- Adhere to
training.
- Report all incidents regardless of the severity and participate in incident debriefs.
- Take all reasonable actions to ensure the health, safety and wellbeing of yourself and others in the workplace.
- Proactively focus on your physical and mental wellbeing.
Protecting the Environment
helping our communities build resilience and adapt to climate change. This will be demonstrated through continued
emissions reduction, climate adaptation and environmental stewardship.
Data Privacy
As a Victorian government organisation,
2014 (“PDP Act”). There are 10 Information Privacy Principles (“IPPs”) in the PDP Act that govern the way that North East
Water collects and handles the personal information of current and future employees and customers.
Privacy Statement can be found on our website.