Attorney-General Vacancy N.N. 10715618
Attorney-General's Department Closing date: Sunday, 3 December 2017
Job Title: Technical Advisor
Division: Cyber and Infrastructure Security Division
Branch: Computer Emergency Response Team
Job Type: Ongoing, Non-ongoing (Temporary), Full-time, Part-time
Salary: $71,128 - $90,230
Location: Canberra - ACT; Brisbane - QLD; Perth - WA
Broadband: APS Level 5/6 (APS Level 5, APS Level 6)
Classification: APS Level 5, APS Level 6
Agency Employment Act: PS Act 1999
Position No: 4934045/CERT | Several Positions

Job Description

Duties


To obtain a copy of the Vacancy Information Kit for this vacancy, please click on the 'Apply Online' button at the bottom of this advertisement.

OUR DIVISION

The National Computer Emergency Response Team – CERT Australia – partners with businesses to prevent, mitigate and contain cyber security incidents that affect the private sector and have the potential to impact our nation more broadly. We provide advice, guidance and support through a range of products, face-to-face briefings and incident-specific responses. We host and participate in regional, national and international events and have been appointed the lead agency for raising public awareness about cyber security in Australia.

Our workload is vast and varied and, as part of the National Security Division, we also contribute to the Attorney-General’s Department’s broader roles and responsibilities in keeping Australia safe. Our position in the Division sees us collaborate on matters that transcend physical and cyber security, and provides access to key decision-makers within Government.

Due to the Prime Minister's announcement on 18 July 2017 regarding the creation of a Home Affairs portfolio, these roles may be subject to Machinery of Government changes.

OUR OPPORTUNITIES

CERT Australia is expanding all areas of our operation as we deliver a number of key initiatives under the Government’s Cyber Security Strategy. Cyber security skills and experience are an advantage, but many of our roles are open to people whose skills and experience will complement and strengthen our multi-disciplinary team.

Working at CERT Australia, you will collaborate with industry, academia and international partners to tackle some of the greatest cyber security challenges faced by the nation. Our relationships with the private sector and other Government agencies provide the ability to influence practical outcomes as well as shape broader strategic policy.

Our people come from a range of disciplines and reflect the breadth of our work which includes technical operations, domestic and international partnerships, strategic engagement and operational readiness. Our new recruits will demonstrate initiative and innovation as well as an aptitude for working in dynamic, fast-paced environments.

OUR SUCCESSFUL APPLICANTS

To be successful in a role with the technical operations team you will have demonstrated experience in one or more of our core focus areas: incident response, threat intelligence, control systems security, or tools and technologies.
This process will be used to fill vacancies at the APS 5-6 Broadband Level. Applicants should refer to the Attorney-General’s Department Performance Expectations for information regarding the expectations of each level and tailor their responses accordingly.

Given CERT Australia’s role in supporting business, technical credibility is not all that is required. You will have a demonstrated track record in formulating sound cyber security advice or the aptitude to quickly develop these skills. You must be comfortable communicating with both technical and non-technical audiences, and translating effectively between the two. You will be able to think on your feet, and operate in high stress environments. You will have a demonstrated capability to build and nurture collaborative relationships and to manage multiple projects to meet deadlines. Applicants for intermediate and senior positions must be confident taking control and providing leadership in any situation.

Specific requirements for each team follow:

Incident Response

To be successful in getting a position in the Incident Response team, you will be a team player, working closely with other cyber security Incident Response professionals. You will possess strong written and verbal skills, at times responding to public telephone inquiries by providing proactive or reactive cyber security advice to our business partners. You will work on incident response cases where a thorough understanding of Windows operating systems, disk analysis, network analysis or malware reverse engineering skills would be advantageous.

Primary responsibilities include:

• Analyse cyber security intrusions and provide technical mitigation or incident response advice.

• Assist in continuous technical process and procedure improvement, including standard operating procedure development, to build a world class cyber security incident response capability.

• Ensure incidents and investigations are thoroughly documented for the purposes of facilitating record keeping, process improvement, lessons learned, trend analysis, and senior leadership reporting.

• Execute ad-hoc tasks or lead projects as needed.

• Conduct research into the latest cyber threats in order to provide defensive mitigation advice to our partners.

• Participate in CERT or industry led technical, threat round table discussions or conference events, with optional but encouraged presentation or public speaking involvement.

Candidates should possess:

• Substantial industry experience serving in an IT systems administration or engineering role with an interest in security, or in a cyber security specific role.

• A solid understanding of enterprise-grade security technologies, such as SIEM, IDS/IPS, antivirus, full packet capture, data loss prevention (DLP), firewalls, web proxies and similar controls.

• Strong problem solving and critical thinking abilities.

• A strong desire for continuous process improvement and excellence.

• Excellent verbal and written communication skills, including the ability to convey technical details in a clear and understandable manner to both technical and non-technical audiences.

• Strong planning and organisational skills.

• Ability to operate under demanding or stressful workloads, noting that at times you may be called upon to respond to serious cyber security incidents that evolve at a rapid pace.

Desired:

• An understanding of the current threat landscape and adversary tactics, techniques and procedures (TTPs).

• An understanding of network and host-based intrusion analysis methodologies.

• Previous experience within a Blue, Red, SOC, incident response, reverse-engineering or hunt team.

• Preferred Certifications - GIAC (e.g., GCIH, GCIA, GCFA, etc.), with offensive knowledge such as OSCP also beneficial.

Threat and intelligence

To be considered for a position in the threat intelligence team, you will possess a diverse range of skills to support the CERT's capability to process and analyse threat information, extract and contextualise indicators of compromise, and share the results with partners using technologies such as STIX and TAXII. You will have a sound knowledge of static and dynamic malware analysis techniques. You will also have software development experience in order to contribute to the maintenance and development of a range of internal applications in support of this capability. You have a sound understanding of the vulnerabilities that are exploited by threat actors and the range of mitigations that organisations may adopt in order to reduce their exposure. You will use this knowledge to formulate and document effective advice for industry partners and the broader community. You will not undertake this work alone; you will have a demonstrated capability to build and nurture collaborative relationships and to manage multiple projects to meet deadlines.

Control systems security

The primary purpose of the control systems team in CERT Australia is to provide a control system incident response capability for Australia. While we stand ready for that eventuality, day-to-day roles include assessing and publishing vulnerability advisories, progressing our main projects which include meeting with and advising partners and vendors, organising events where technical partners exchange control system cybersecurity information, providing advice to other areas of government, and providing and receiving training.
To be a successful applicant you will be a technical person, who has experience working in an engineering environment. Sectors of interest include transport, water, energy, petroleum and gas, and health. Systems of interest include all industrial control systems. These range from working with various industrial controllers, through forms of communication such as buses and protocols, and through architectures such as SCADA and DCS. We do not expect any one person to be experienced in all of these areas, but each applicant should be experienced in at least one area with more areas viewed more favourably. You should have a strong interest in cybersecurity, and ideally have some experience in that field. We are ready to train people in control system incident response and cybersecurity tools and techniques.

Tools and technologies

The Tools and Technologies Team in CERT Australia provides the underlying infrastructure, tools and technical support to the rest of the technical operations teams. The goal of the Tools and Technologies Team is to maintain, enhance and develop tools to assist technical operations.

To be considered for a position in the tools and technologies team, you will need a diverse range of skills to support the CERT’s cyber security mission. You will require problem solving skills, attention to detail, and an excellent working knowledge of Linux based systems and administration. You will also have an understanding of the design, build, configuration and operation of a diverse range of systems and network devices, including virtualised environments, databases, web applications, cloud platforms, DNS, email, routers, firewalls and IDS. Knowledge and experience in monitoring and maintaining systems and applications securely, computer network defence, programming and scripting experience and demonstrated ability to learn new systems will be favourably considered. An understanding of incident response, artefact analysis, and operating systems securely in a hostile environment would also be advantageous in the support of the other CERT teams.
 

Eligibility


Applicants must be Australian citizens to be eligible for employment at the Attorney-General’s Department.

The preferred applicant will be required to successfully undergo a police record check and be able to obtain and maintain a security clearance at a specified clearance level. The preferred applicant must be willing to disclose all relevant and required information.

Relevant qualifications and/or equivalent industry experience in a security analyst, incident response, engineering, systems administration or operational technology/industrial control setting.
 

Notes


A technical challenge may be issued to candidates to evaluate skills claimed in the written application.

Non-ongoing opportunity will be offered for a specified term

Opportunities will be offered on an ongoing or non-ongoing basis depending on operational requirements.
Non-ongoing opportunities will be offered for a specified term of varying periods up to 18 months, with the possibility of extension. The maximum initial engagement period is 18 months which can possibly be extended to 3 years as per the Public Service Regulations 1999, Sub-regulation 3.5(3).

RecruitAbility applies to this vacancy. Under the RecruitAbility scheme you will be invited to participate in further assessment activity for the vacancy if you choose to apply under the scheme; declare you have a disability; and meet the minimum requirements for the job. For more information see: http://www.apsc.gov.au/priorities/disability/recruitability.

About Attorney-General's Department 

The Attorney-General's Department (AGD) serves the people of Australia by delivering programs and policies to maintain and improve Australia’s law and justice framework, and strengthen our national security and emergency management. Through the Australian Government Solicitor, we also provide legal services to the Commonwealth (including legal advice and representation).

We are the central policy and coordinating element of the Attorney-General’s portfolio, for which the Attorney-General and the Minister for Justice and Minister Assisting the Prime Minister for Counter-Terrorism are responsible.

To find out more, visit our website at www.ag.gov.au.

To Apply

Position Contact: Ken Radke, (07) 3292 2412
Agency Recruitment Site: http://www.ag.gov.au/
AGENCY INFORMATION
 
Applicants to vacancies notified in all formats of the electronic Public Service Gazette should be aware that:

• the names of successful applicants may also be notified in all formats of the electronic Public Service Gazette

• applicants found suitable may be offered similar employment opportunities by other Australian Public Service agencies
 
This notice is part of the electronic Public Service Gazette PS45-Wed - 08 Nov 2017 Published by Australian Public Service Commission.