Cyber GRC Lead (JORN)

Job Description

Cyber GRC Lead (JORN)

At BAE Systems Australia

• Do interesting work that MATTERS
• ENJOY what you do
• GROW your career
• Be YOU

We work in a thriving sector – one that puts us at the forefront of exciting and meaningful work. Every day we push boundaries to produce some of the world’s most innovative and ground breaking technology. Individually we all contribute to our success. Collectively we make the impossible possible.

Recognised for delivering projects of global and national significance that help keep Australia safe, it is our shared passion that shapes our culture, and our people that make it a great place to work.

About the OPPORTUNITY

We have a great opportunity for a Cyber GRC Lead to join our JORN line of business based at Adelaide. Please note that this is an onsite role and applicants from Melbourne will also be considered.

We embrace flexible work arrangements at BAE Systems Australia, such as working a 9-day fortnight.

Reporting to the JORN Cyber Security Manager, you will be responsible for the implementation and ongoing maintenance of the JORN Cyber Risk Management Framework.

You will Work closely with the JORN Cyber Operations Lead and Product Security Lead to champion a risk-based approach to cyber security.

Key responsibilities include:

• Responsible for Assessment and Authorisation activities for security domains within the JORN Enterprise
• Assist with the integration of the JORN Cyber Risk Management Framework into all stages of the development lifecycle
• Collaborate with project security and engineering teams as well as external stakeholders to ensure risks are captured from across the JORN Enterprise
• Ensure alignment of JORN Cyber Security Risk Management Framework with other engineering plans and procedures
• Continuous monitoring and reporting on the compliance status of systems within the JORN Enterprise
• Lead and manage the Assessment & Authorisation planning, documentation pack development and external assessment engagement
• Maintain cyber security risk registers and security risk management plans for all environments within the JORN Enterprise
• Lead the continuous accreditation approach with relevant accreditation authorities
• Prepare and chair working groups with key stakeholders to communicate, assess and recommend prioritisation of risk treatment

About YOU

• A degree in computer science, ICT/Engineering or a related discipline – desirable
• Demonstrated experience of training needs analysis, design and delivery of learning and development programs
• Working knowledge of Cyber Security Policy, protocols and standards
• Significant experience in a cyber security role, with a strong understanding of security principles, technologies, and practices
• Significant knowledge of security frameworks and standards (e.g., NIST, ISM, PSPF) and their application in enterprise environments.
• CRISC, CISM, CISSP or other relevant certification is highly desirable
• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions
• Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders
• Defence security clearance NV2 or eligibility to obtain
• Eligibility to be cleared for International Traffic In Arms (ITAR) regulations

We believe in hiring for potential, we know that some candidates hesitate if they don’t tick all the boxes. If this role interests you, but you don’t meet all the criteria, we still encourage you to apply.

About US

You will be joining a workplace that truly cares about your wellbeing.

Our people are diverse and we value the variety of perspectives this brings, we know that a culture that is inclusive and fosters a sense of belonging is a place we can all make the most of our unique talents and be our best.

As Australia’s largest defence company in a rapidly growing sector, you will be connected into a global team and encouraged to explore where your career might take you whether that is a traditional career path or squiggly one, there are infinite possibilities for you at BAE Systems Australia.

BAE Systems recognises the sacrifices of those who have served our Nation and their families. We support our veteran community through our internal veteran network (VetNet Australia) and strong charitable partnerships, internal offerings including reserve service leave, a Veteran Mentoring Program and other exclusive offerings available through our strategic partners.

We welcome applicants from all people regardless of sex, gender identity, race, ethnicity, disability, pregnancy, age, or other lived experience; and strongly encourage applications from Aboriginal and Torres Strait Islander people for all positions.

We are proud to be recognised as an employer of choice for women by WORK180.

Awarded the 2024 Quarter 1 Benchmarcx Triple R- Excellence In Candidate Experience Certification. As a member of the Circle Back Initiative we commit to respond to every applicant.

To learn more about our competitive employee benefits, flexibility, other employment opportunities and what to expect from our recruitment process please visit: www.baesystemscareers.com.au

Clearances

As a Defence security clearance is required for this role, applicants must be Australian citizens and either possess or be eligible to obtain and maintain appropriate clearances. Further information regarding security clearances.