SASE IRAP Assessor
Job Description:
Australian Citizens With NV1 Clearance residing in Australia only respond
The AAT is embarking of a program of works to replace its aging network and
network security service architecture, more commonly known in Federal
Government as a Secure Internet Gateway (SIG). We are working with a
Managed Service Provider (MSP) to assist us design, deploy, test, and
migrate network services from our old architecture to a next generation
architecture leveraging the technology stack commonly referred to as
Secure Access Service Edge (SASE). The solution is a hybrid deployment
comprising of on-premises gateways and cloud gateways that reside in AWS
and Azure. The solution will be co-managed between the AAT and its MSP
under a shared responsibility model. The MSP is IRAP assessed which
covers the cloud components and management plane of the MSPs solution,
built upon AWS and Azure.
The AAT is seeking an IRAP assessor to perform a secure gateway assessment as required by Protective Security Policy Framework (PSPF) Policy 11, Supporting Requirement 2; Gateways.
The assessment should follow the prescribed assessment methodology as described in the Australian Cyber Security Centres (ACSC) Gateway Security Guidance Package: Executive Guidance | Cyber.gov.au
Its expected the IRAP assessor will provide advice on options to resolve any weakness or deficiency identified during assessment.
The assessment package should cover all components that comprise the solution and inherit controls where possible from suppliers or fourth party IRAP assessments.