Company Logo

Governance, Risk and Compliance (GRC) Lead


Job Description

Our name isn’t the only thing that’s unique about Leidos Australia. We’re a complex systems integration company building world-class solutions across government and defence that ensure peace of mind for the entire nation. Supported by global backing from our US network, we’re trusted by our customers to deliver the most innovative answers to their most complex challenges. Seriously interesting work that benefits and safeguards every Australian. That’s where you come in...

Job Description

Passionate about Governance, Risk and Compliance (GRC)? This Lead position is pivotal in ensuring the ongoing ICT security accreditation for a major program delivering ICT infrastructure here in Canberra. 

This permanent opportunity will be responsible for providing services to ensure compliance with the applicable Information Assurance (IA) frameworks, policies, and standards (with particular focus on Information Security manual (ISM) and Defence Security Manual (DSM). 

Duties include, but not limited to:

  • Develop, implement and maintain security governance, including security frameworks, policies, and standards, for a major ICT infrastructure program in accordance with Information Security Manual and Defence Security Manual.
  • Develop, implement and maintain the Security SOPs and SSPs supporting certification and accreditation for the service being delivered;
  • Develop certification and conformance evaluation criteria to ensure successful system acceptance.
  • Maintain and improve the system security documentation package 
  • Liaise with service delivery areas, client management and client security areas to ensure security processes are effective and have been implemented in the Service Delivery areas.
  • Conduct routine audits to validate the certification and conformance readiness state achieve System Certification and Accreditation.
  • Lead identification, implementation and review of the full range of I&A measures to ensure certification and accreditation is maintained in a complex environment.

What you'll bring

  • Experience in performing and/or successfully preparing for iRAP assessments, certification and accreditation across ICT infrastructure delivery;\
  • Hands on or technical security compliance audit experience across a range of platforms including networks, Windows, Unix and Linux in Government context; 
  • Substantial experience designing and developing IA frameworks, policies, and standards for mid-to-large organisations and in leading IA plans and projects..
  • Substantial experience collaborating with business partners, application development, and technical teams to establish objectives and ensuring that these objectives were satisfied.
  • Experience or demonstrated knowledge in applying policy and compliance assessment at a technical level across networks, Windows and Unix/Linux environments.

Highly Desirable

  • Bachelor's Degree in Computer Science, Information Security, Information Systems, or related field, or equivalent professional experience and specialised training commensurate with assignment;
  • Applicable security certifications, such as CISSP, CISA, CISM;
  • Current iRAP or desire and ability to become iRAP;
  • Must hold a minimum of NV1 OR NV2 clearance. 

Additional Information

Due to the nature of the role, the successful candidate must be an Australian Citizen, hold a government NV-1 security clearance, with the expectation of obtaining an NV-2.

At Leidos you’ll enjoy 12 weeks’ paid parental leave as a primary carer, flexible work practices, discounted health insurance, novated leasing and more. Foster your career through complete access to learning and development and mentoring opportunities, we have a strong track record of internal promotion and career transitions.