Skip to main content

Sr Mgr, Security Operations

Brisbane, Queensland Job ID CS20202209-50921
Apply Now

L3Harris is dedicated to recruiting and developing diverse, high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

L3Harris Technologies is an agile global aerospace and defense technology innovator, delivering end-to-end solutions that meet customers’ mission-critical needs. The company provides advanced defense and commercial technologies across air, land, sea, space and cyber domains. L3Harris has approximately $18 billion in annual revenue and 48,000 employees, with customers in more than 100 countries.

Description:

Job Title: Sr Mgr, Security Operations

Job Code:  CS20202209-50921

Job Location:  Australia - Brisbane

Position Description - Chief Security Officer (CSO)

The Australian Government Protective Security Policy Framework (PSPF) sets clear lines of accountability for protective security in non-corporate Commonwealth entities, establishing defined roles and responsibilities including the role of Chief Security Officer (CSO). 

The CSO’s overarching responsibility is to support their accountable authority to achieve the entity’s security outcomes by providing strategic, entity-wide oversight of protective security across security governance, information security (including ICT), personnel security and physical security—either directly or through a security governance committee.

CSO’s key responsibilities

• Implement the requirements of the PSPF within the entity;

• Set the strategic direction for the entity’s protective security planning and risk management;

• Effectively integrate security into the entity’s risk and business processes and decisions;

• Champion a positive security culture that is supported by effective security awareness training;

• Embed efficient and effective security management, awareness and practices;

• Prioritise appropriate staffing levels, resources and funding to support delivery of protective security

Outcomes;

• Realise optimal security maturity through clear understanding of vulnerabilities, decisions and future plans;

• Manage the entity's response to security-related crises, incidents and emergencies and establish monitoring mechanisms across the entity;

• Determine when a security incident is serious or significant enough to commence an investigation;

• Monitor security performance to achieve required protections, identify emerging risks, build security

capability, mitigate unacceptable security risks, and improve security maturity. 

CSO obligations across the PSPF policies

Summary of CSO obligations with respect to the PSPF policy 

Security oversight:

Support the accountable authority by being responsible for entity-wide oversight of protective security and direct all areas of security to protect the entity's people, information (including ICT) and assets.

Security arrangements and appointments:

Tailor security arrangements to the scale and complexity of the entity and its risk environment, including by appointing sufficient security advisors to support the day-to-day delivery of protective security outputs and to perform specialist services.

Security planning and procedures:

Establish effective procedures to achieve security outcomes that are consistent with the PSPF

and other Australian Government policies and legal requirements–including for investigating,

responding to, and reporting on security incidents.

Positive security culture:

Foster a positive security culture that supports entity personnel to understand their role in

managing security risk, reinforced by practices that embed security into entity operations.

Security awareness training:

Ensure personnel (including contractors and those travelling or located overseas) complete

annual security awareness training so they can understand and meet their security obligations.

Implement the PSPF:

Direct the entity’s implementation of PSPF requirements giving consideration to the entity's size,

operations and risk environment.

Risk Management:

Develop a comprehensive security plan to articulate how the entity will manage its security risks,

spanning all areas of protective security.

Alternative mitigations:

Document any decisions to implement an alternative mitigation measure or control to a PSPF

requirement, and adjust the maturity level for the related PSPF requirement.

Managing intelligence and threat information:

Disseminate and manage intelligence and threat information to stakeholders across the entity.

Security performance measures:

Establish security performance measures to monitor the effectiveness of protective security

activity to achieve required protections, address security risks and improve security maturity.

Preparation of entity’s annual PSPF security report:

Oversee preparation of the annual PSPF security report to accurately reflect the entity’s security

maturity level and detail how the entity is addressing areas of vulnerability.

Certification and accreditation authority:

Ensure ICT systems are certified and the appropriate level of security is being applied, with

residual risks accepted by the relevant accreditation authority.

Security clearances - eligibility waivers for citizenship and checkable backgrounds:

Where the accountable authority has delegated responsibility, consider and approve requests to

waive an uncheckable background or citizenship requirement on the basis of a risk assessment. 

Information sharing:

Ensure effective information sharing within the entity and with authorised vetting agencies to

facilitate the ongoing assessment and management of the suitability of personnel to access

Australian Government resources, including meeting security clearance maintenance obligations. 

Access control:

Granting ongoing (or regular) access to entity facilities for people with a business need who are not directly engaged by the entity or covered by the terms of a contract or agreement, only if the

person has the required level of security clearance for the facility's security zones and subject to

a business case and risk assessment (reassessed on a regular basis at least every two years). 

Security zone certification and accreditation:

Before a facility is used operationally, ensure the facility’s Zones are certified and accredited in

accordance with the PSPF.


Apply Now

Join Our Talent Community

Sign up for job alerts and be the first to know about our job openings.

Select a job category and/or location, then click "Add" for each saved search. Finally, click "Sign Up" to create your job alert.

Interested In

  • IS, Brisbane, Queensland, AustraliaRemove
  • Business & Operations, Brisbane, Queensland, AustraliaRemove

You have not saved any jobs.

View All Jobs

Awards and Recognition

Fortune 2021 - World's Most Admired Companies
Forbes 2020 Award - Worlds Best Employers
Great Place to Work
Forbes 2020 Award - World's Best Employers for Veterans
HRC
Bloomberg Gender Equality Index
Forbes 2020 Award
Top HBCU Supporters
CEO Action
Catalyst CEO
SWE
NSBE