STATUS: This Position Is No Longer Available

IT & Telecomms / IT Security

Contract or Temp

Position : Senior Security Expert

Location : Brisbane

Gateway Synergy is looking for highly experienced Security Engineer contractor for a government department.

The Role:
The Senior Security Expert will provide services as a senior information and cyber security analyst, to oversee the technical implementation and delivery of a suite of priority cyber security services. This role is required to have in-depth knowledge of specific ICT security models to provide expert advice on the creation and operational maintenance of system roles, access authorisations, and security profiles and promote the development and exploitation of ICT security knowledge. The Senior Security Expert will be working in a small team.

Primary Technologies: MS-Office productivity applications, MS endpoints (server and desktop Operating Systems) and endpoint security controls associated with, DNS and other network protocols of interest to Cyber operations, Host based Intrusion Detection / Prevention Systems (HIDS/HIPS), Wintel, Linux and other mid-range platforms, secure network and gateway service technologies.

The Senior Security Expert Key Tasks/Duties may include some or all of the following:

  • Implement security/access management policies and procedures.
  • Plan and implement security policies and procedures.
  • Ensure security regulations are observed at all times and ICT teams follow methodology.
  • Review scheduled security reports to track and report on compliance.
  • Perform complex risk assessments to identify high-risk access privilege assignments and segregation of duties conflicts.
  • Monitor and manage change requests to ensure that ICT systems are under change control.
  • Provide expert technical advice, support and recommendations on security best practices.
  • Manage alignment of cyber security controls with corporate level information and cyber security requirements.
  • Assess cyber security/access management policies and procedures.
  • Assess and report on cyber security policies, procedures and controls relating to the project and services.
  • Oversee validation activities for cyber security projects to completion.
  • Provide expert technical advice, support and recommendations on best practices in relation to government information and cyber security policy, threat and risk management frameworks.
  • Proactively share knowledge and expertise as the cyber security subject matter expert and provide assistance and mentorship to less experienced colleagues.
  • Document a range of technical / risk assessment documentation and reports including (but not limited to):
    • a. Security Risk Assessments (SRA).
    • b. Threat and Risk Assessments (TRA).
    • c. Statements of Applicability (SoA).
    • d. Security Risk Management Plans (SRMP).
    • e. Privacy Impact Assessments (PIA).
  • Negotiate, engage and manage relationships with other service providers to build security services and related project delivery capability.
  • Collaborate with a broad range of internal and external stakeholders to achieve project outcomes.
  • Encourage innovation, continuous improvement and manage and support change.

Core responsibilities include:

  • Deliver a range of technical / risk assessment documentation and reports relating to the delivery of cyber projects including (but not limited to):
    • a. Security Risk Assessments.
    • b. Threat and Risk Assessments.
    • c. Statements of Applicability.
    • d. Security Risk Management Plans.
    • e. Privacy Impact Assessments.
  • Provide leadership, direction, and oversight for services and activities to support the projects.
  • Manage the assessment and reporting of information and cyber security risks, governance and compliance controls with regard to systems, processes, procedures, tools and techniques utilised by the services.
  • Provide leadership on system and process management at the organisational and business levels.

The Candidate:
Essential criteria

  • Demonstrated experience and success delivering governance, risk and compliance documentation including SRA, TRA, SoA, SRMP and PIA, using Federal Government information security policy (i.e. Information Security Manual, Protective Security Policy Framework) and Cyber Security principles and guidelines and recommended
    service offerings.

Desirable criteria:

  •  Demonstrated experience in supporting the delivery of strategic, contemporary cyber security solutions.
  • Demonstrated knowledge of industry Cyber Security frameworks, best practices and standards.
  • Demonstrated knowledge of industry public cloud best practices and standards.

What the role offers:

  • Up to $2000/day contracting rate for the right candidate
  • 5 months initial contract with 2×6 months extension
  • Hybrid working arrangement with 3 days WFO
  • Possibility of a 32 hour/week, 4 days working arrangement
  • A fun, collaborative and productive team.
  • Remote arrangement possible
  • Below the line role


If you would like to look at our other unlisted roles, you can find them at:

You must submit a CV on application prior to a phone call and be prepared to sign a nondisclosure. Feel free to call thereafter on the following 0485 835 307

How to Apply

Send us an email Email Us
[email protected]

Apply online : Click here to apply