Information Technology Security Officer

at  Boeing

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values. We’re committed to fostering an environment for every teammate that’s welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us.
Location:
Brisbane
Category:

BOE/1789728

No File Attached
Share This:
Do you aspire to help build something better? Would you like to work for a company that employs the best talent to develop and deliver world class capabilities and systems to protect Australia and its national interests? Would you like to work on cutting edge projects? Then we would like to talk to you.
As an equal opportunity employer that promotes a diverse and safe workplace environment, one of the country’s leading and preferred defence partners, Boeing Defence Australia (BDA) is seeking Information Technology Security Officers (ITSOs) based in Brisbane to support the MQ-28 Program.
Our ITSOs are an integral part of the Information Security team within the program. On the program, they act as information security advisors in locality, working closely with our engineering teams, system administration staff and the Commonwealth of Australia on cutting edge next generation systems. In addition to performing an advisory role, ITSOs also have an operational focus that includes ensuring the continuous monitoring and information assurance of our systems while keeping key stakeholders informed of the security posture of the system.
ITSOs are directly responsible for maintaining the confidentiality, integrity and availability of program systems. Other responsibilities will include designing, implementing and maintaining the security enforcing functions and capabilities of ICT environments for MQ-28. This role and some of its expectations of routine work will be conducted in accordance with the Commonwealth Information Security Manual (ISM), Protective Security Policy Framework (PSPF) and Defence Security Principles Framework (DSPF).
This role will report into the MQ-28 Project Manager for Cyber and Secure Networks, under Guidance from the BDA Chief Information Security Officer (CISO) and MQ-28 System Owner.
This role is based in Brisbanebut will require regular travel to Woomera, SA to support the MQ-28 Program.

EXPERIENCE/QUALIFICATIONS

• This position requires an active Australian Security Clearance at the NV1 Level with the ability to upgrade to NV2.
• Experience with deployed systems as an ITSO or system administrator will be highly regarded
• Experience in deployed environments and test environment work spaces will be highly regarded.
• Familiarity with DFIR operations within the Australian Government context, with a good working knowledge of the ISM, PSPF, DSPF.
• It is likely that a candidate may have a diploma or degree in cyber security, IT or related discipline.
• Industry certifications are highly desirable, CISSP, CRISC, CISM, SANS certification, 27001k Lead Auditor or Implementer certification or exposure, formal DFIR training (highly regarded) and/or other cyber security certifications.
• Good understanding of computer intrusion activity and incident response techniques.
• Highly organized, task oriented, self-starter that demonstrates a high degree of initiative and requires minimal supervision.
• Ability to make and/or change plans, goals and actions in response to an evolving business environment with the awareness to operate as a focal for incident response across the program.
• Ability to perform planned or unplanned travel regularly within or outside assigned region.
• The ability to communicate and collaborate with a diverse team, in a conscientious and inclusive way is valued by our team.
• Previous experience in a similar role is highly desirable.
• Applicants must be Australian Citizens to meet defence security requirements.

• Act as a security champion and advisor in all localities the systems operate within, interfacing with all levels of the program, including BDA, Contractor and Commonwealth staff.
• Being able to communicate complex security risk, engineering and posture related information to a wide range of stakeholders from individual contributors and team leads through to senior leadership other senior risk owners.
• Assist in the design, verification and validation of security enforcing functions within ICT environments including MQ-28 Ground Segment, Labs and other secure environments.
• Conduct continuous monitoring and system level assurance auditing on program systems, including further engineering implementation and maturity uplifts including but not limited to:
• Identity and access management of all accounts on the system;
• Event logging, collection and aggregation activities;
• Security Incident Event Monitoring (SIEM) configuration, tuning and troubleshooting
• System assurance during implementation, along with risk reporting into the program GRC Team for system deficits;
• Monitor system performance and system capability reporting;
• Endpoint security and hardening;
• Patch Management verification;
• Vulnerability scanning;
• Supporting secure data traversal activities;
• Familiarity with COMSEC and other government security or high assurance equipment;
• Incident response and digital forensics; and
• Creation and maintenance of documentation of the environment’s configuration and operational processes.
• Conduct on the job training (OTJ) and briefings on system and security related topics as needed.
• Being focused on solution-oriented outcomes, enabling the program while meeting the System accreditation requirements as the highest priority.
• Contribute to Risk Working Groups on risks raised at both System or Program level as required.
• Empower a culture of safety, security and compliance across the business.