Security Certification Analyst

  • Company:
    Downer Group
  • Salary:
    negotiable / month
  • Posted:
    3 days ago

Who We Are:

Downer Defence Systems provides a broad range of professional and managed services, asset sustainment and estate upkeep services to the Australian Defence Force, the New Zealand Defence Force and other government agencies.

About The Role:

The Security Certification Analyst will join Downer to assist with the delivery of Commonwealth Defence projects. The successful candidate will actively plan and manage the delivery of Information Security Manual (ISM) certification and accreditation artefacts. They will also be responsible for leading, planning, executing, managing and monitoring the ISM certification and accreditation artefacts through to delivery according to predetermined timelines and budgets.

Required Experience:

  • Demonstrated knowledge in conducting security assurance activities against ISM or related information security policy frameworks.
  • Preparation of security artefacts: Security Risk Management Plan (SRMP), Statement of Applicability (SOA), System Security Plan (SSP), System Overview Document (SOD), Standard Operating Procedures (SOPs) and Incident Response Plan (IRP).
  • Ability to work under limited supervision to achieve assurance outcomes.
  • Well-developed analytical and conceptual skills.

Responsibilities:

Ensure consistent communication and flow of information across channels within the project team.

Delivery of:

  • System Accreditation Plan.
  • Security Risk Management Plan (SRMP).
  • Statement of Applicability (SOA).
  • System Security Plan (SSP).
  • Standard Operating Procedures (SOPs).

Contribution to:

  • IT security architecture analysis and design.
  • Incident Response Plan (IRP).
  • System Overview Document (SOD).

Qualifications:

  • Degree qualification in Information Technology, Computer Science, or related field or relevant industry experience in Engineering or Information Technology that is transferable to the security domain.

Desirable:

  • Information Security Registered Assessors Program (IRAP) certification or equivalent experience.
  • CISSP, CISM or ISO27001:2013 Lead Auditor.

Security:

Candidates must be Australian citizens with a minimum NV1 security clearance or be eligible to obtain an Australian Government Security Clearance prior to commencement of engagement. Applicants residing outside of Australia or non-citizens will not be considered.

To register your interest hit “Apply now” or contact Jason at for more details.

(Please note: Downer does not accept applications via email)