Careers at ASIC

• ASIC is seeking a full time Data Security Architect to join their Cyber Security Team
• A great opportunity to provide security leadership for how we design and implement systems that protect data that is hosted in the cloud and in our hybrid architectures
• Temporary (12 months) position based in Sydney

A future with ASIC means that your work will contribute to ASIC's vision for a fair, strong and efficient financial system for all Australians. We value what you will bring. We value those with sharp, analytical minds and are open to challenging the way things are done. 

The team

Cyber Security provides a wide range of services including security architecture & design, incident response and cyber assurance for ASIC.  We make use of the latest security technology with an increasing focus on automation and analytics to secure and support ASIC on its journey to be a 'best in class regulator supporting the Australian financial markets. 

The role

• working as an internal customer-facing specialist leading in-depth technical security architecture assessments with solution architects, data scientists, developers, IT administrators, IT management, and business stakeholders to ensure the delivery of secure data solutions 
• designing and overseeing the implementation of data security controls for Azure/AWS and traditional Oracle, MS SQL, and data warehouse technologies
• defining technologies, security controls, and operating protocols that protect data hosted in the cloud from loss, inappropriate alteration, or misuse 
• assessing the completeness and effectiveness of data security controls and solutions to identify capability gaps, security weaknesses and potential attack vectors 
• assessing SaaS and PaaS services against the Australian Cyber Security Centre (ACSC) Information Security Manual (ISM) and industry cloud security control frameworks 
• working with data solution architects to enhance the security controls on the existing data platforms and solutions 
• contributing to the Cyber Security architecture principles, patterns, roadmaps, frameworks and building blocks 
• coordinating and performing threat modelling sessions with the IT and data solution architects as part of solution designs 
• coordinating and facilitating the onboarding of data solutions into the SOC threat monitoring program, including identification of the solution-specific attack vectors  
• creating and maintaining cyber security documentation including solution designs, assessment reports and architectural artifacts 
• assisting the Cyber Security Team Leads with the continual improvement of the cyber security tooling, processes, culture, and service provision 

About you

• A tertiary qualification and/ or equivalent experience in a cyber security role with demonstrated experience as a data security architect
• ​Demonstrated knowledge & experience in: 
• securing Databricks (essential), along with other data lake and AI/ML technologies, such as Snowflake and Spark
• designing and implementing data security controls for Azure/AWS; Oracle, MS SQL and other traditional databases, and for data warehouse technologies
• ​the security architecture of Data & Analytics tools, technologies, and platforms, such as Power BI, Qlik, and R Studio
• ​securing all data solution touch points (APIs, file transfers, data storage, and so forth)
• ​A clear understanding of enterprise-scale cloud and hybrid infrastructure security 
• ​Awareness of security frameworks applicable to Australian Government entities, including the Protective Security Policy Framework (PSPF), the Information Security Manual (ISM), and the ASD Essential Eight 
• ​Awareness of industry security frameworks and standards including the NIST standards, and the ISO 27001 standards 
• ​Technical aptitude and the experience to continually learn new security technologies and understand relevant security market trends 
• ​Demonstrable skills in assessing, analysing, and resolving complex client and stakeholder related queries, utilising all relevant sources of information, media and stakeholder channels, data, reporting, systems and/or databases 
• ​Excellent interpersonal and consultative skills 
• ​Ability to effectively present complex information to project and senior level audiences both verbally and in writing.  
• ​Ability to work independently with limited supervision and be accountable for outcomes  
• ​Experience working collaboratively with multifunctional project teams, building, and maintaining productive working relationships. 
• ​Formal security certifications are desired but not essential. Examples include Certified Information Systems Security Professional (CISSP), CISSP-ISSAP, SABSA Chartered Security Architect, Certified Cloud Security Professional (CCSP), or other related cloud security architecture certifications.​

About ASIC

ASIC is Australia's corporate, markets, financial services and consumer credit regulator. Our vision is for a fair, strong and efficient financial system for all Australians. 

A future with ASIC means that your work will contribute to achieving ASIC's vision. 

ASIC is an equal opportunity employer seeking people who want to make a difference. ASIC is committed to a diverse and inclusive workplace where the very best talent in Australia chooses to work. Applications from people of all ages, cultural backgrounds, abilities, LGBTIQ+ identity, and people of Aboriginal and Torres Strait Islander decent are encouraged to apply.  

To work with us, you need to be an Australian citizen, and be prepared to complete an ASIC Suitability and Baseline Assessment which is issued ASIC's Security team.  

View the position description for more information or click ‘apply' to start your application.

Applications for this role will close at 11:59pm on Friday 31 March 2023.