Take the next step in your career with this exciting opportunity within eHealth. The Senior Specialist Cyber Security (PAM) role will provide subject matter expertise on privileged access management service, manage and maintain the departmental PAM solution and provide solution architecture recommendation in relation to the platform. Relevant CyberArk certification is highly desired, but not mandatory. Cyber Security and Privilege Access Management experience and high-level technical knowledge is required. The role will support and assist the Cyber Security Group to reduce cyber risk and improve efficiency by managing local administrator access, monitoring, and managing enterprise administrators, securely managing passwords and external privileged access.

Job details

What you'll do  

• Provide subject matter expertise on CyberArk's PAM solution
• Maintain and provide privileged identity inventory, monitoring and access remediation processes which result in removal of inappropriate (or no longer required) user access.
• Perform Enterprise Privilege Vault (EPV) Administration and management of user credentials and application definitions, rules and policies.
• Undertake data collection analysis, auditing and reporting to maintain compliance with policies, standards and regulations.
• Manage Endpoint Privilege Manager Advanced Threat Protection (ATP) capabilities such as ransomware and credential theft protection as a preventative cyber defence technique.
• Leverage the MITRE ATT&CK framework to develop additional detection and response capabilities for various techniques that have been publicly recorded.
• Stay up to date with the relevant TTP's (Tactics, Techniques and Procedures) that threat actors are using to target similar organisations.

About you  

We are searching for someone who has:

• Demonstrated ability to develop and promote Information Technology Service Management (ITSM) processes based on the ITIL framework, primarily incident / problem / change / release / configuration (SFIA Code: ITMG 5, USUP 4; PBMG 5; CHMG 4)
• Demonstrated expertise in identifying and communicating information security risks and issues. Ability to performs basic risk assessments for information systems. Contributes to vulnerability assessments. Applies and maintains specific security controls as required by security policy and cyber security risk Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken. (SFIA: SCTY 3)
• Demonstrated ability to perform Privilege Access Management solution administration and provide subject matter expertise
• Demonstrated ability to perform basic SQL administration supporting the Privilege Access Management solution
• Demonstrated technical expertise and experience in the following technology domains to analyse ICT system issues and contribute to the design and implementation of appropriate solutions and improvements. (SFIA Code: SYSP 4; TECH 4, HSIN 5)
  • Privileged Access Management
  • Identity Access Management
  • Microsoft Windows Server administration (2016 and recent releases)
  • Microsoft Windows 10 and 11 (OS and Hardware)
  • Virtualisation (VMware vSphere) supporting VDI
  • Scripting technologies (VBscript, PowerShell)
  • Unix Server Management and CLI

Why work with us?  

Work alongside passionate professionals in a supportive and inclusive environment that values people and prioritises employee success and wellbeing. 

Competitive salaries 

• 12.75% superannuation  
• 17.5% leave loading 

Employee wellbeing & development 

• Access to 24/7 confidential employee support providers and counsellors including for immediate family members 
• Additional flexibility to support your work life balance including access to generous leave entitlements, such as purchased leave, domestic violence leave, reproductive health leave, cultural leave, study and examination leave. 
• Access to a variety of programs and initiatives to support training and career growth.  
• Grow your skills through hands-on experience and access to internal training opportunities and additional financial and leave benefits for approved external training and development. 

Our commitment to equity, diversity and inclusion  

At Queensland Health, our work environment is inclusive and supportive, and we value our employees. We are an equal opportunity employer and encourage applications from people of all cultures, abilities and backgrounds.  

Our commitment to cultural safety, equity, diversity and inclusion means we understand some people may need changes to the recruitment process. If you need support during the recruitment process, such as meeting with the panel virtually instead of in person, please reach out to the hiring manager. We value diverse candidates and your need for adjustments will not affect our hiring decisions.  

Ready to apply? 

For further information on how to apply please review the attached Role Description.  

Further information

We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity.

Applications will remain current for a period of up to 12 months and may be considered for other vacancies which may include an alternative employment basis such as temporary, full time or part time.

Documents

Before applying for this vacancy please ensure you read the documents below.

• Senior Specialist Cyber Secruity PAM RD (PDF)
  
  DoH Applicant Pack (PDF)