Cyber Security Architect

Tēnei tūranga – About the role

Reporting to the Cyber Security Portfolio Manager, this position provides cyber security risk analysis and assurance across MBIE.  

The Cyber Security Architect is responsible for conducting cyber security risk assessments across current and future ICT solutions using industry best practice to define and implement effective risk strategies.

The Cyber Security Architect contributes to ICT security policies, standards, strategies and roadmaps; and under-taking security certification of projects including performing the upfront risk analysis, developing continuous assurance processes for systems and conducting retrospective security assessments.

The Cyber Security Architect is responsible for ensuring quality and consistency of advice and practices in relation to their contribution to the team’s work.

Ngā herenga – Requirements of the role

Personal specifications

To be effective in the role, the Cyber Security Architect should have:

• 5 years of experience in information security risk management.
• Experience working with vendor management teams in risk assessments and due diligence reviews.
• Ability to learn systems quickly.
• Solid interpersonal skills including the ability to form trusted relationships.
• Communicates effectively, both formally and informally.
• Takes initiative to keep skills up to date.
• Maintains an awareness of developments in the industry.
• Demonstrates creativity, innovation and ethical thinking in applying solutions for the benefit of the customer/stakeholder.
• Ability to make the connections between various aspects of the organisation and implications for their business unit.
• Ability to assimilate new information or areas of work and come to an understanding of unfamiliar and complex issues.
• A good knowledge of risk frameworks and tools for complex operating environments.
• Developed analytical and conceptual thinking ability.
• Ability to quickly establish and build strong working relationships.
• Proven ability to develop trust and credibility with managers and staff.
• Understanding of MBIE and where the team fits in delivering outcomes for the Ministry.

Qualifications

• A relevant tertiary qualification or equivalent knowledge, skills, and experience, and a commitment to ongoing professional development.
• Security risk practitioner certification, or equivalent relevant Industry qualifications, e.g., CISSP, CISA or similar, would be a distinct advantage.
• Knowledge and understanding of NZISM.
• Must have the legal right to live and work in New Zealand.
• It will be a condition of employment to have the ability to gain a “Secret” level New Zealand security clearance if required.

Takohanga tuhinga o mua – Key accountabilities and deliverables

Cyber Security Risk Management

• Assesses and evaluates cyber security risk for information systems.
• Takes all requirements into account when making proposals.
• Conducts security risk and vulnerability assessments for defined business applications or IT installations in defined areas, and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls (e.g., the key controls defined in ISO27001).
• Analyses requirements and advises on scope and options for continuous operational improvement.
• Co-ordinates the development of countermeasures and contingency plans.
• Demonstrates creativity, innovation and ethical thinking in applying solutions for the benefit of the customer/stakeholder.
• Advises on the available standards, methods, tools and applications relevant to cyber security, and can make appropriate choices from alternatives.
• Refers to domain experts for guidance on specialised areas of risk, such as architecture and environment.

Relationship Management

• Manage constructive working relationships with work colleagues and external stakeholders to enhance understanding and cooperation needed to achieve desired results.
• Participates as an active team member and contributes knowledge and expertise needed to achieve MBIE’s outcomes.
• Develops effective working relationships with other MBIE managers and staff in order to transfer knowledge and learning from the team to the wider organisation.
• Builds and maintains effective relationships and partnerships with internal and external stakeholders, as necessary, in order to identify and share best practice information and to promote the Ministry, its products and services.
• Represents whole-of-Ministry views and protects its reputation in any external interactions.

Self-Management

• Takes responsibility for own behaviour and is open to development.
• Models positive behaviours.
• Models the desired values and culture of the organisation.
• Willingly shares knowledge, expertise and within the team and with others in the organisation.
• Acts with honesty and integrity.
• Welcomes feedback and is receptive to input from others.

Wellbeing, health and safety

• Displays commitment through actively supporting all safety and wellbeing initiatives.
• Ensures own and others safety at all times.
• Complies with relevant safety and wellbeing policies, procedures, safe systems of work and event reporting.
• Reports all incidents/accidents, including near misses in a timely fashion.
• Is involved in health and safety through participation and consultation.

Tō tūranga i roto i te Manatū – Your place in the Ministry

The Cyber Security Architect position reports into the Cyber Security Portfolio Manager within the Cyber Security branch. The branch sits within the Digital, Data and Insights group.

More information about MBIE’s structure

To mātou aronga – What we do for Aotearoa New Zealand

Hīkina Whakatutuki is the te reo Māori name for the Ministry of Business, Innovation and Employment. Hīkina means to uplift. Whakatutuki means to move forward, to make successful. Our name speaks to our purpose, Grow Aotearoa New Zealand for All.

To Grow Aotearoa New Zealand for All, we put people at the heart of our mahi. Based on the principles of Te Tiriti o Waitangi / The Treaty of Waitangi, we are committed to upholding authentic partnerships with Māori.

As agile public service leaders, we use our breadth and experience to navigate the ever-changing world. We are service providers, policy makers, investors and regulators. We engage with diverse communities, businesses and regions. Our work touches on the daily lives of New Zealanders. We grow opportunities (Puāwai), guard and protect (Kaihāpai) and innovate and navigate towards a better future (Auaha).

Ngā matatau – Our competencies

Cultivates innovation We create new and better ways for the organisation to be successful by challenging the status quo generating new and creative ideas and translating them into workable solutions.

Nimble learning We are curious and actively learn through experimentation when tackling new problems by learning as we go when facing new situations and challenges.

Customer focus We build strong customer relationships and deliver customer-centric solutions by listening and gaining insights into the needs of the communities we serve and actively seeking and responding to feedback.

Decision quality We make quality and timely decisions that shape the future for our communities and keep the organisation moving forward by relying on an appropriate mix of analysis, wisdom, experience, and judgement to make valid and reliable decisions.

Action oriented We step up, taking on new opportunities and tough challenges with purpose, urgency and discipline by taking responsibility, ownership and action on challenges, and being accountable for the results.

Collaborates We connect, working together to build partnerships with our communities, working collaboratively to meet shared objectives by gaining trust and support of others; actively seeking the views, experiences, and opinions of others and by working co-operatively with others across MBIE, the public sector and external stakeholder groups.

Te Tiriti o Waitangi

As an agency of the public service, MBIE has a responsibility to contribute to the Crown meeting its obligations under Te Tiriti o Waitangi (Te Tiriti). Meeting our commitment to Te Tiriti will contribute towards us realising the overall aims of Te Ara Amiorangi – Our Path, Our Direction, and achieve the outcome of Growing New Zealand for All. The principles of Te Tiriti - including partnership, good faith, and active protection – are at the core of our work. MBIE is committed to delivering on our obligations as a Treaty partner with authenticity and integrity and to enable Māori interests. We are committed to ensuring that MBIE is well placed to meet our obligations under the Public Service Act 2020 (Te Ao Tūmatanui) to support the Crown in strengthening the Māori/Crown Relationship under the Treaty and to build MBIE’s capability, capacity and cultural intelligence to deliver this.

Mahi i roto i te Ratonga Tūmatanui – Working in the public service

Ka mahitahi mātou o te ratonga tūmatanui kia hei painga mō ngā tāngata o Aotearoa i āianei, ā, hei ngā rā ki tua hoki. He kawenga tino whaitake tā mātou hei tautoko i te Karauna i runga i āna hononga ki a ngāi Māori i raro i te Tiriti o Waitangi. Ka tautoko mātou i te kāwanatanga manapori. Ka whakakotahingia mātou e te wairua whakarato ki ō mātou hapori, ā, e arahina ana mātou e ngā mātāpono me ngā tikanga matua o te ratonga tūmatanui i roto i ā mātou mahi.

In the public service we work collectively to make a meaningful difference for New Zealanders now and in the future. We have an important role in supporting the Crown in its relationships with Māori under the Treaty of Waitangi. We support democratic government. We are unified by a spirit of service to our communities and guided by the core principles and values of the public service in our work.

What does it mean to work in Aotearoa New Zealand’s Public Service?(external link) — Te Kawa Mataaho The Public Service Commission