Skip to main content
mobile accessible share in facebook in a new window

You are currently looking at Home > Mobility > View Searched Notices

Now viewing Notice 1 of 1
Attorney-General Vacancy N.N. 10715636
Attorney-General's Department Closing date: Sunday, 3 December 2017
Job Title: Technical Officer
Division: Cyber and Infrastructure Security Division
Job Type: Ongoing, Non-ongoing (Temporary), Full-time, Part-time
Salary: $63,768 - $69,237
Location: Barton - ACT; Brisbane - QLD; Perth - WA
Classification: APS Level 4
Agency Employment Act: PS Act 1999
Position No: 493406/CERT | Several Positions

Job Description


To obtain a copy of the Vacancy Information Kit for this vacancy, please click on the 'Apply Online' button at the bottom of this advertisement.


The National Computer Emergency Response Team – CERT Australia – partners with businesses to prevent, mitigate and contain cyber security incidents that affect the private sector and have the potential to impact our nation more broadly. We provide advice, guidance and support through a range of products, face-to-face briefings and incident-specific responses. We host and participate in regional, national and international events and have been appointed the lead agency for raising public awareness about cyber security in Australia.

Our workload is vast and varied and, as part of the National Security Division, we also contribute to the Attorney-General’s Department’s broader roles and responsibilities in keeping Australia safe. Our position in the Division sees us collaborate on matters that transcend physical and cyber security, and provides access to key decision-makers within Government.

Due to the Prime ministers announcement on 18 July 2017 regarding the creation of a Home Affairs portfolio, these roles may be subject to Machinery of Government changes.


CERT Australia is expanding all areas of our operation as we deliver a number of key initiatives under the Government’s Cyber Security Strategy. Cyber security skills and experience are an advantage, but many of our roles are open to people whose skills and experience will complement and strengthen our multi-disciplinary team.

Working at CERT Australia, you will collaborate with industry, academia and international partners to tackle some of the greatest cyber security challenges faced by the nation. Our relationships with the private sector and other Government agencies provide the ability to influence practical outcomes as well as shape broader strategic policy.

Our people come from a range of disciplines and reflect the breadth of our work which includes technical operations, domestic and international partnerships, strategic engagement and operational readiness. Our new recruits will demonstrate initiative and innovation as well as an aptitude for working in dynamic, fast-paced environments.


To be successful in a role with the technical operations team you will have aptitude in one of the following four areas: incident response, threat intelligence, control systems security, or tools and technologies.

This process will be used to fill vacancies at the APS 4 Level. Applicants should refer to the Attorney-General’s Department Performance Expectations, for information regarding the expectations of each level and tailor their responses accordingly.

Given CERT Australia’s role in supporting business, technical credibility is not all that is required. You will have an interest in formulating sound cyber security advice and the aptitude to quickly develop these skills.

Specific requirements for each team follow:

Incident Response

To be successful in getting a position in the Incident Response team, you will be a team player, working closely with other cyber security Incident Response professionals. You will possess strong written and verbal skills, at times responding to public telephone inquiries by providing proactive or reactive cyber security advice to our business partners. You will work on incident response cases where a thorough understanding of Windows operating systems, disk analysis, network analysis or malware reverse engineering skills would be advantageous.

Primary responsibilities, under direction include:

• Analysing cyber security intrusions and providing technical mitigation or incident response advice.

• Assist in continuous technical process and procedure improvement, including standard operating procedure development, to build a world class cyber security incident response capability.

• Ensure incidents and investigations are thoroughly documented for the purposes of facilitating record keeping, process improvement, lessons learned, trend analysis, and senior leadership reporting.

• Execute ad-hoc tasks as needed.

• Conduct research into the latest cyber threats in order to provide defensive mitigation advice to our partners.

• Participate in CERT or industry led technical, threat round table discussions or conference events, with optional but encouraged presentation or public speaking involvement.

Candidates should possess:

• IT industry experience or academic study in information technology, with an demonstrable interest in cybersecurity.

• Strong problem solving and critical thinking abilities.

• A strong desire for continuous process improvement and excellence.

• Excellent verbal and written communication skills to include the ability convey technical details in a clear and understandable manner to both, technical and non-technical audiences alike.

• Ability to operate under demanding or stressful workloads, noting that at times you may be called upon to respond to serious cyber security incidents that evolve at a rapid pace.

• An understanding of the current threat landscape and adversary tactic, techniques and procedures (TTP's).

• An understanding of network and host-based intrusion analysis methodologies.

• Previous experience within a Blue, Red, SOC, incident response, reverse-engineering or hunt team.

• Preferred Certifications - GIAC (e.g., GCIH, GCIA, GCFA, etc.), with offensive knowledge such as OCSP also beneficial.

Threat and intelligence

To be considered for a position in the threat intelligence team, you will possess a range of skills to support the CERT's capability to process and analyse threat information, contextualise indicators of compromise, and share the results with partners using structured data formats. You will have knowledge of static and dynamic malware analysis techniques. Ideally, you will also have software development experience in order to contribute to the maintenance and development of a range of internal applications in support of this capability. You understand many of the vulnerabilities that are exploited by threat actors and the mitigations that organisations may adopt in order to reduce their exposure. You will use this knowledge in addition to your sound researching skills to formulate and document advice for industry partners and the broader community. You will not undertake this work alone, you will have a capability to build and nurture collaborative relationships and to manage your work to meet deadlines.

Control systems security

The primary purpose of the control system’s team in CERT Australia is to provide a control system incident response capability for Australia. While we stand ready for that eventuality, day-to-day roles include assessing and publishing vulnerability advisories, progressing our main projects which include meeting with and advising partners and vendors, organising events where technical partners exchange control system cybersecurity information, providing advice to other areas of government, and providing and receiving training.
To be a successful applicant you will be a technical person, who has experience working in an engineering environment. Sectors of interest include transport, water, energy, petroleum and gas, and health. Systems of interest include all industrial control systems. These range from working with various industrial controllers, through forms of communication such as buses and protocols, and through architectures such as SCADA and DCS. We do not expect any one person to be experienced in all of these areas, but each applicant should be experienced in at least one area with more areas viewed more favourably. You should have a strong interest in cybersecurity, and ideally have some experience in that field. We are ready to train people in control system incident response and cybersecurity tools and techniques.

Tools and technologies

The Tools and Technologies Team in CERT Australia provides the underlying infrastructure, tools and technical support to the rest of the technical operations teams. The goal of the Tools and Technologies Team is to maintain, enhance and develop tools to assist technical operations.

To be considered for a position in the tools and technologies team, you will need a diverse range of skills to support the CERT’s cyber security mission. You will require problem solving skills, attention to detail, and an excellent working knowledge of Linux based systems and administration. You will also have understanding of the design, build, configuration and operation of a diverse range of systems and network devices, including virtualised environments, databases, web applications, cloud platforms, DNS, email, routers, firewalls and IDS. Knowledge and experience in monitoring and maintaining systems and applications securely, computer network defence, programming and scripting experience and demonstrated ability to learn new systems will be favourably considered. An understanding of incident response, artefact analysis, operating systems securely in a hostile environment would also be advantageous in the support of the other CERT teams.


Applicants must be Australian citizens to be eligible for employment at the Attorney-General’s Department.

The preferred applicant will be required to successfully undergo a police record check and be able to obtain and maintain a security clearance at a specified clearance level. The preferred applicant must be willing to disclose all relevant and required information.

Relevant qualifications and/or equivalent industry experience in a security analyst, incident response, engineering, systems administration or operational technology/industrial control setting.

Note: A technical challenge may be issued to candidates to evaluate skills claimed in the written application.


A technical challenge may be issued to candidates to evaluate skills claimed in the written application.

Non-ongoing opportunity will be offered for a specified term

Opportunities will be offered on an ongoing or non-ongoing basis depending on operational requirements.
Non-ongoing opportunities will be offered for a specified term of varying periods up to 18 months, with the possibility of extension. The maximum initial engagement period is 18 months which can possibly be extended to 3 years as per the Public Service Regulations 1999, Sub-regulation 3.5(3).requirements

RecruitAbility applies to this vacancy. Under the RecruitAbility scheme you will be invited to participate in further assessment activity for the vacancy if you choose to apply under the scheme; declare you have a disability; and meet the minimum requirements for the job. For more information see:

About Attorney-General's Department 

The Attorney General’s Department serves the people of Australia, and supports the Attorney General as First Law Officer, by providing high-quality legal services to the Commonwealth.

The department operates in a diverse and complex environment to address challenging issues. We have a highly-skilled and engaged workforce which includes practitioners in policy development and implementation and program administration. The department also has a large contingent of practicing lawyers, particularly within the Australian Government Solicitor, an element of the department.

The department is committed to having a flexible and inclusive workplace and recognises and values the diversity of the wider Australia community.

To find out more, visit our websites and

To Apply

Position Contact: Ken Radke, (07) 3292 2412
Agency Recruitment Site:
Applicants to vacancies notified in all formats of the electronic Public Service Gazette should be aware that;
.  the names of successful applicants may also be notified in all formats of the electronic Public Service Gazette
.  applicants found suitable may be offered similar employment opportunities by other Australian Public Service agencies
This notice is part of the electronic Public Service Gazette PS45-Wed - 08 Nov 2017 Published by Australian Public Service Commission.
Now viewing Notice 1 of 1