POSITION DESCRIPTION

Transcription

1 POSITION DESCRIPTION Protective Monitoring Centre (PMC) Manager Directorate: Location: Protective Security (PS) Wellington Purpose of position: The Protective Monitoring Centre (PMC) Manager, Protective Security is responsible for the delivery and performance of all Unit activities to ensure the secure, efficient delivery of NZSIS protective security and intelligence objectives. The PMC, which is a Security Information and Event management (SIEM) function, is responsible for log data collection and analysis enterprise monitoring for anomalous behaviour and providing evidence to aid investigations. The PMC infrastructure and systems are in themselves a selfcontained unit, fully architected, supported, and resourced by the PMC team. Our mission at the NZSIS is to keep New Zealand and New Zealanders safe and secure Our values are Collaborative, Courageous, Positive, Driven and Self-aware Protective Security purpose: The Protective Security (PS) Directorate delivers a full range of protective security functions to the New Zealand Intelligence Community (NZIC) and for New Zealand. Our focus is also on leveraging the strong foundations that we have established to enhance our recognition as a NZIC protective security exemplar and to assists key New Zealand institutions to mitigate their insider threat risks through effective security clearance management, vetting services and counter intelligence functions. The PS Directorate also leads the implementation of the Protective Security Requirements (PSR) programme, which aims to substantially improve the security culture of the public service and, potentially, the private sector.

2 Key accountabilities Deliverables/Outcomes Lead the delivery of PMC including: (a) Effective Financial Management PMC expenditure is measured and appropriate when compared to its ROI. The PMC Operating budget is socialised with and agreed upon by all contributing agencies well in advance of the new financial year. (b) The development and delivery of the PMC business plan. The draft PMC Capital budget is acknowledged by all relevant stakeholders well in advance of the new financial year. The PMC business plan is provided to and acknowledged by stakeholders across the NZIC prior to each new financial year. The PMC business plan is reported against quarterly to relevant stakeholders across the NZIC. (c) The management of PMC projects. PMC Projects are managed and delivered through appropriate project management methodologies. Business cases are prepared and projects are appropriately resourced and actively managed to meet delivery timeframes. (d) PMC Analyst Team Delivery All reporting leaving the NZIC PMC is reviewed and approved by the PMC Manager. All statements and conclusions in any official reporting have been checked by the PMC Manager to be certain of their accuracy when compared to the referential data. Improvements in workflow for the Analyst team are actively sought out and implemented. (e) PMC Content Development Team Delivery Oversight of both the PMC Engineering and PMC Development teams is seen to produce outputs that enable the PMC Content Development Team. (f) PMC Software Development Team Delivery Goals set for the PMC Software Development Team are aligned with NZIC goals. Best practices are followed by the PMC Software Developers. (g) PMC Engineering Team Delivery The overarching direction of the PMC infrastructure is set in a direction consistent with NZIC goals. Infrastructure choices align to NZIC standards wherever possible. (h) Audit and compliance Work with IT security to ensure change management processes are established and effective. Work with IT security to ensure accreditation of PMC networks and systems are achieved and

3 Key accountabilities Deliverables/Outcomes maintained. Works with stakeholders to ensure all systems are appropriately monitored. (i) Advice and guidance Lead ongoing development and fine tuning of analytical capability. Recommendations on improving enterprise, information and personnel security to relevant stakeholders are provided. Direction in the collection of log data is provided. Implement a programme of continuous process improvement. People Leadership and Management They demonstrate effective leadership and operational guidance to direct reports. They lead, champion and model the principles of security and NZSIS values in all aspects of their work. All team members have meaningful development plans and receive regular feedback on progress. Employee issues (including non-performance) are successfully addressed. Development opportunities for reporting personnel are identified and pursued. A high level of engagement within the team is developed and maintained. Input to development of workforce, recruitment and succession plans. Create and maintain a positive culture. Operational Leadership Efficient and secure delivery of all activities undertaken in pursuit of NZSIS protective security and intelligence objectives. The Unit works collaboratively and co-ordinates effectively with other NZSIS teams and partner agencies on operational matters. Team members fully understand their role and requirements and are provided with effective oversight, guidance and support to ensure that they are successful. Contributing to the development of frameworks and policy to guide and direct PMC operational activities, which are regularly reviewed. Ensuring that operational priorities are clearly articulated and managed.

4 Key accountabilities Deliverables/Outcomes Strategic alignment and resource management Commitment to exploring opportunities for continuous improvement. Positive and effective implementation of change. Effective operational risk management. Unit outputs and deliverables are aligned to Directorate strategic intent and business plans. Contributions are made to NZSIS and NZIC policy and strategy projects as required. Directorate and Unit strategies are championed and implemented at the operational level. Input is provided into operational training courses as required. All staff are aware of how they contribute to the achievement of strategic goals. Effective budget management and reporting in accordance with financial authority, with approval sought from immediate manager for any departures from budget, or anticipated overexpenditure. Management of key partnerships Effective working relationships with key NZSIS partners are enhanced and maintained. Effective relationships with external stakeholders are developed and maintained to support NZSIS s purpose at an operational level. The reputation of NZSIS is positively viewed by key liaison stakeholders. The Assistant Director Security Services is kept informed of relevant issues that have an impact on the PMC Unit and its outputs. Risk management All Team/Unit activities take account of security, operational and organisation reputational risk and these risks are managed to approved standards and escalated to the Assistant Director Security Services where appropriate. Health and safety (for self) Work safely and take responsibility for keeping self and colleagues free from harm Report all incidents and hazards promptly Know what to do in the event of an All operational activities are consistent with NZSIS legally mandated role and functions. A safe and healthy workplace for all people using our sites as a place of work All requirements in the NZIC Health and Safety policy and procedures are met

5 Key accountabilities emergency Cooperate in implementing return to work plans Be a visible role model at all times Follow NZSIS s safety rules and procedures Health and safety (for team): Inform, train and equip staff to carry out their work safely Ensure prompt and accurate reporting and investigation of all workplace incidents and injuries Assess all hazards promptly and ensure they are managed Other duties Deliverables/Outcomes Any other duties that fall within the scope of the position Position delegation Financial delegation: Level 4 Key stakeholders Internal: Operational Managers across the NZIC NZIC Information Technology Managers NZIC Security Governance Group NZIC Security and Intelligence Board Other NZIC staff External: Management and engineering peers from partner agencies. Counterparts and Senior Managers within the wider New Zealand Intelligence Community and central government agencies. Other partner intelligence agencies and law enforcement organisations. Hardware, operating systems and virtualisation support supplier and contractors. Software providers. Other relevant public or private sector organisations as required.

6 Person Specification Experience: Knowledge and Skills: Essential Proven leadership ability including experience in leading and maintaining highly performing teams and delivering results through others. Budget management and reporting experience. Demonstrated planning experience and provision of operational risk management and guidance. Proven experience in building and maintaining positive and productive work relationships. Proven experience in operational policy development and implementation. Desirable Experience in IT security or computer science. Proven experience with log analysis tools. At least seven years experience in IT security or computer science. Experience in defining and implementing policy, and managing or auditing security or IT systems. An understanding of the legislative basis and context from which NZSIS operates. Demonstrated experience in both engineering and software development environments. Essential Demonstrated Project Management. Demonstrated judgement and initiative to respond appropriately to dynamic situations. The ability to remain calm and make sound decisions under pressure, even without full information. A strong customer service ethic with the ability to manage collegial and effective working relationships. Strong interpersonal, verbal and written communication skills, including the ability to present technical issues clearly, tailoring communications to meet audience needs. Desirable An understanding of intelligence operations and how they contribute to national security outcomes.

7 Person Specification Qualifications and Courses: Essential Tertiary level qualification (Bachelor level) or equivalent experience. Preference for Information Technology, Computer Science or equivalent, with an emphasis on information security. Desirable Project Management Certification. Specific Job Requirements: This role requires a high level of trust, personal integrity and discretion and an ability to maintain a TSS security clearance. Pro-actively and efficiently manages workload, priorities and time. Self-motivated, innovative, possessing enthusiasm and drive. Demonstrates sound problem solving ability. NZIC Competencies In addition to the Person Specification above, competency standards which outline the development requirements of the position are set out under the NZ Intelligence Community (NZIC) Career Pathways framework. The Career Pathways framework enables progression within the job. Full descriptions of progression competencies and an overview of the NZIC Career Pathways framework is available on appointment. The position is aligned to the Frontline Leader competency framework. Changes to Position Description Positions in the NZSIS may change over time as the organisation develops. Therefore we are committed to maintaining a flexible organisation structure that best enables us to meet changing market and customer needs. Responsibilities for this position may change over time as the job evolves. This Position Description may be reviewed as part of planning for the annual performance cycle. Date PD reviewed: 21/09/2018 Signatures Manager s Name

8 Signature Date: Employee s Name Signature Date: