Job title: Security Architect
Job type: Contract
Emp type: Full-time
Pay interval: Hourly
Pay rate: negotiable
Job published: 03/03/2026

Job Description

Security Clearance: TSPV

Duration: Initial 12 months with 2 x 12-month extensions

Industry: Information Technology

Functional Expertise: Cyber Security

Sub-functional Expertise: Security Architecture

Location of work: Canberra

Working arrangements: Onsite

Closing date: 9AM Tuesday 10th March 2026

Description:

Our client is seeking an experienced Security Architect to support the delivery of systems integration capabilities. The successful candidate will operate at an APS EL1 equivalent level and undertake complex problem solving, issues management and sensitive project activities that may influence strategic and operational outcomes.

The Security Architect will be responsible for managing stakeholder relationships, translating business requirements into technical specifications, and developing secure technology solutions aligned with Government security frameworks, including the Essential Eight, ISM, PSPF and NIST.

Responsibilities:

  • Inform and validate security requirements for new and existing capabilities, applying requirements traceability to solution designs, implementations and configurations.

  • Assess the suitability of solution components against relevant architectures, strategies, policies, standards, practices and security requirements, identifying issues and proposing risk reduction options.

  • Provide risk-based security advice to support solution implementation, including managing security elements of change requests and deviations from specifications.

  • Obtain, advise and act on threat intelligence and changes to the technology landscape.

  • Author and review security documentation including tailored security risk assessments and business impact analysis.

  • Contribute to the approval of designs through architectural, security and stakeholder bodies, ensuring appropriate technical and security input.

  • Discuss security implications of high-level and detailed designs with stakeholders and develop pragmatic solutions to minimise security risk.

  • Develop and maintain security documentation including:

    • System Overview Document (SOD)

    • Statement of Applicability (SOA)

    • Standard Operating Procedures (SOP)

    • Security Risk Management Plan (SRMP)

    • System Security Plan (SSP)

    • Incident Response Plan (IRP)

  • Lead and manage the security accreditation process for integration projects.

  • Validate project artefacts to ensure security requirements are accurately addressed.

  • Perform certification or validation of systems to support accreditation through collection and analysis of cyber security data.

  • Contribute to agency security initiatives.

Requirements:

  • Demonstrated experience leading security accreditation activities for complex ICT systems.

  • Strong knowledge of Government security frameworks including Essential Eight, ISM, PSPF and NIST.

  • Experience conducting security risk assessments, business impact analysis and system accreditation.

  • Proven ability to translate business requirements into secure system and technical specifications.

  • Experience engaging and managing stakeholders across technical and non-technical areas.

Key Capabilities:

  • High-level analytical and problem-solving skills in complex environments.

  • Ability to provide risk-based, pragmatic security advice.

  • Strong written communication skills, including development of detailed security documentation.

  • Capability to assess and manage security risks across large or complex systems.

  • Ability to balance functional, service quality, security and systems management requirements in system design.

Essential Criteria:

  1. Demonstrated and proven capability and capacity to provide the Key duties and responsibilities, and Technical skills, as set out in the RFQ.

  2. SCTY 5 (Information Security) Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements. Contributes to development of information security policy, standards and guidelines.

  3. INAS 4 (Information Assurance) Performs technical assessments and/or accreditation of complex or higher-risk information systems. Identifies risk mitigation measures required in addition to the standard organisation or domain measures. Establishes the requirement for accreditation evidence from delivery partners and communicates accreditation requirements to stakeholders. Contributes to planning and organisation of information assurance and accreditation activities. Contributes to development of and implementation of information assurance processes.

  4. DESN 5 (System Design) Specifies and designs large or complex systems. Selects appropriate design standards, methods and tools, consistent with agreed enterprise and solution architectures and ensures they are applied effectively. Reviews others’ systems designs to ensure selection of appropriate technology, efficient use of resources, and integration of multiple systems and technology. Contributes to policy for selection of architecture components. Evaluates and undertakes impact analysis on major design options and assesses and manages associated risks. Ensures that the system design balances functional, service quality, security and systems management requirements.

Desirable Criteria:

  1. Holds a degree in computer science or other relevant field.

  2. Demonstrated experience providing tailored and robust ICT security advice to technical and project staff.

  3. Demonstrated experience developing and applying security architecture best practices to enterprise and bespoke ICT systems to achieve capability outcomes with proportionate security assurance.

  4. Certified IRAP Assessor.

How to apply:

Please submit your application including your resume and a completed application form addressing the essential and desirable criteria. Ensure your application highlights your experience and any relevant certifications.