Network Security Engineer

Network Security Engineer 

• Daily Rate: $1000 - $1100
• Location: Mckell Building
• Contract End Date: 30.06.2027

> strong capability in secure remote access architecture, identity and access integration, and network security design across hybrid environments
> demonstrated experience with enterprise network security technologies
 
Primary purpose of the role
The Network Security Engineer is responsible for all the capabilities of a normal network engineer however must also have experience in the implementation of network security policies. The role also requires strong capability in secure remote access architecture, identity and access integration, and network security design across hybrid environments. This includes experience in designing and implementing VPN and VPN-less access solutions, integration with identity platforms, and aligning network controls with enterprise security frameworks.
 
Experience in dealing with CISO and security operations in government. 
 
In addition, the Network Security Engineer will have experience in designing, testing and implementation of routine installations of ICT hardware; including computers, network components, data storage and multi-functional devices in virtualised and cloud computing environments in accordance with industry standards including compatibility, security and sustainability. This engineer will complement the pool of engineers with a slant to infrastructure and networks and their understanding of complex network environments including, legacy, digital in a high availability service environment to provide solution, technical and business  impact assessments for a portfolio of delivery projects.
 
Key accountabilities

• Design and maintain secure remote access architectures, including VPN and VPN-less solutions (e.g. browser isolation, zero trust access models), ensuring alignment to enterprise security standards
• Lead the integration of network security controls with identity platforms, including Active Directory and identity governance solutions
• Define and implement firewall policy rules, segmentation controls, and access packages to enforce least privilege and secure access pathways
• Design and support identity-driven access models, ensuring appropriate provisioning, authentication, and session control mechanisms are applied
• Work with organizational tooling such as ServiceNow to ensure alignment to provisioning pathways, change processes, and operational workflows
• Understanding of CISO security policies and guidelines and ability to implement these
• Design and implement infrastructure solutions that adhere to current network standards in order to support the security policies in systems and services used by the organisation
• Determine the extent to which solutions perform "as required" within the current environment including monitoring the performance of systems and services in relation to their contribution to business performance, their security and sustainability to ensure that current and future solutions meet anticipated demand
• Ensure that installations are completed to time, cost and quality to minimise operational and project risk and to ensure costs are contained
• Apply infrastructure management tools to automate provisioning, testing, deployment and monitoring of infrastructure components to ensure optimal performance
• Ensure testing of hardware and software components, defect resolution, recording of results and handover of implemented solutions are conducted as per organisational standards, reducing the risk and adverse impact of change
• Ensure configuration management records are updated and end-user technology is fully documented to meet current and future infrastructure engineering requirements

 
Key challenges
Managing conflicting and/or concurrent hardware upgrades, refresh projects and programs given potentially competing demands. Understand the complex infrastructure and networks in the DCS cluster agencies environment and the associated security requirements
 
Key Relationships
 
Manager

• Escalate issues, keep informed, advise and receive instructions
• Identify emerging issues and risks and recommend solutions
• Participate in meetings and discussions to share information and provide input and feedback

 
Work Team / Vendors

• Work collaboratively to contribute to achieving business outcomes
• Participate in meetings to obtain the work group perspective and share information

Clients/Customers

• Resolve and provide customer focused solutions to issues
• Articulate the needs and requirements of the service and collaborate with to negotiate solutions, provide expert advice and regular updates

 
 
Role Dimensions
Decision making
This role has autonomy and makes decisions that are under their direct control as directed by their Manager. It refers to a Managers' decisions that require significant change to program outcomes or timeframes or are likely to escalate or require submission to a higher level of management. This role is fully accountable for the delivery of work assignments on time and to expectations in terms of quality, deliverables and outcomes. This role submits reports, provides input to business cases and other forms of written advice in collaboration with the project teams, vendors and architectural and security teams.
Ability to work with CISO and Network Operations and communicate and provide  security expertise and guidance in implementing these policies
 
 
Focus Capabilities
 
The focus capabilities for the role are the capabilities in which occupants must demonstrate immediate competence. The behavioural indicators provide examples of the types of behaviours that would be expected at that level and should be reviewed in conjunction with the role's key accountabilities.
 
Deep understanding of network security policies and their implementation across complex enterprise environments, including identity-integrated access models, remote access architectures, and segmented network designs
 
Personal Attributes
 
Self-Management

• Look for and take advantage of opportunities to learn new skills and develop strengths
• Show commitment to achieving challenging goals
• Examine and reflect on own performance
• Seek and respond positively to constructive feedback and guidance
• Demonstrate a high level of personal motivation

Collaboration

• Encourage a culture of recognising the value of collaboration
• Build co-operation and overcome barriers to information sharing and communication across teams/units
• Share lessons learned across teams/units
• Identify opportunities to work collaboratively with other teams/units to solve issues and develop better processes and approaches to work

 
Customer Service

• Take responsibility for delivering high quality customer-focused services
• Understand customer perspectives and ensure responsiveness to their needs
• Identify customer service needs and implement solutions
• Find opportunities to co-operate with internal and external parties to improve outcomes for customers
• Maintain relationships with key customers in area of expertise
• Connect and collaborate with relevant stakeholders within the community

 
Problem Solving

• Undertake objective, critical analysis to draw accurate conclusions that recognise and manage contextual issues
• Work through issues, weigh up alternatives and identify the most effective solutions
• Take account of the wider business context when considering options to resolve issues
• Explore a range of possibilities and creative alternatives to contribute to systems, process and business improvements
• Implement systems and processes that underpin high quality research and analysis

Technology

• Demonstrated experience with enterprise network security technologies including:
  • Cisco Identity Services Engine (ISE)
  • Palo Alto Networks firewalls and security platforms
  • SD-WAN solutions and secure network edge design
  • Cisco switching and routing technologies, including 802.1X authentication
• Strong understanding of:
• Secure remote access architectures (VPN and VPN-less solutions)
• Identity integration (Active Directory, identity governance platforms)
• ServiceNow workflows and provisioning pathways
• Firewall policy design, segmentation, and access control models
• Security Group Tagging (SGT) design and enforcement

 
 
Development & Implementation
 
Undertakes routine installations and de-installations of items of hardware and/or software and/or network connectivity, firewalls and any other networks and infrastructure as required by the project streams. Takes action to ensure targets are met within established safety and quality procedures, including, where appropriate, handover to the client. Conducts tests of hardware and/or software using supplied test procedures and diagnostic tools. Corrects malfunctions, calling on other experienced colleagues and external resources if required. Documents details of all hardware/software items that have been installed and removed so that configuration management records can be updated. Develops installation procedures and standards, and schedules installation work. Provides specialist guidance and advice to less experienced colleagues to ensure best use is made of available assets, and to maintain or improve the installation service.
 
Strategy & Architecture
 
Leads the development of secure access architectures, including Privileged Remote Access (PRA), identity-integrated solutions, and zero trust-aligned controls. Provides guidance on end-to-end access pathways, including authentication, authorization, network enforcement, and monitoring. Ensures solution designs incorporate segmentation, identity integration, and policy-driven access controls. Ensures that appropriate tools and methods are available, understood and employed in networks solution development. Within a change programme, leads the preparation of technical plans and, in liaison with business architectural, networks, security and project staff. Ensures that the appropriate technical resources are available to the project. Provides advice on technical aspects of solution development and integration (including requests for changes, deviations from specifications, etc.) and ensures that relevant technical strategies, policies, standards and practices (including security) are applied correctly.
 
 
Infrastructure
 
Provides technical expertise to enable the correct application of operational procedures. Uses infrastructure management tools to determine load and performance statistics. Contributes to the planning and implementation of maintenance and installation work, including building and configuration of infrastructure components in virtualised environments. Implements agreed infrastructure changes and maintenance routines. Configures tools to automate the provisioning, testing and deployment of new and changed infrastructure. Identifies operational problems and contributes to their resolution, checking that they are managed in accordance with agreed standards and procedures and security policies. Provides reports and proposals for improvement, to specialists, users and managers.
 
Systems Software
 
Reviews system software updates and identifies those that merit action. Tailors system software to maximise hardware functionality. Installs and tests new versions of system software. Investigates and coordinates the resolution of potential and actual service problems. Prepares and maintains operational documentation for system software. Advises on the correct and effective use of system software.
 
 
Networks
Provides solutions and contributes to solution documents deliverables for including :

• Strong capability in designing and implementing:
  • Segmentation strategies and firewall rule sets
  • Identity-based access controls leveraging AD, SGT, and policy frameworks
  • Secure onboarding of users, devices, and network components into controlled access environments
• Experience supporting PAM and PRA-related network integrations, including jump hosts, access gateways, and secure connectivity patterns
• Contribute or own networks solution documentation. This may be created by any of our engineers or a vendor arch depending on the project.
• We have approximately many projects in the DCS ICT portfolios. The network engineer may not be responsible for the total deliverables in all of these but will contribute or own most.
• Responsible for understanding the business impact from a network and infrastructure level with any changes taking place.
• They will need to work with project managers and system owners contribute to knowledge articles and support documentation.
• construct pilots in the test lab or out in production working with other network engineers and any vendor network engineers.
• go to sites to work with the business when required.
• Oversee the project from an infrastructure and networks solution impact perspective E2E
• Major contributor or owner to the solution documents
• Contribute to CISO/Security Operations solutions, documentation and implementation

If you are interested, click apply. Candidates must be AUS citizens/ PR and based in Sydney