Chief Information Security Officer

About this role

• Lead the development and implementation of a cohesive cyber and Information Security framework.
• Full time fixed term opportunity up to 5 years to work within Technology Solutions and Data Security
• SES Grade 2: $279,239 - $401,017 Total Remuneration Package.

The Department of Justice and Community Safety is seeking a Chief Information Security Officer to lead the department's cyber and Information Security management functions.
About the Business Unit
Corporate Services and Infrastructure (CSI) oversees and leads the key public accountability requirements of the department, including finance, asset management, procurement, risk management, audit, governance, performance reporting, climate change and environmental sustainability, statutory planning and related functions. The group also manages the governance and delivery of major infrastructure projects through the Community Safety Building Authority, and information and communications technology (ICT), including cyber and Information Security management.
The Technology Solutions and Data Security unit provides specialist information technology, policies, strategies, guidelines, operations and services, including telecommunications services, to all business units in the department and a number of portfolio agencies.
About the Role
The Chief Information Security Officer is responsible for leading the cyber and Information Security capabilities of the department, and leading collaboration and engagement across the Justice portfolio.
Some of your duties will include:

• Lead the development and implementation of a cohesive cyber and Information Security framework and associated policies, systems and tools to uplift controls and processes to promote the safe and reliable delivery of Justice services in accordance with current and emerging standards.
• Continuously assess cyber health and maturity of key Justice assets and provide relevant, timely and actionable cyber and Information Security threat intelligence to appropriate stakeholders.
• Identify and develop timely responses to anomalous behaviour and events impacting digital assets and identities.

To learn more about this role before applying, please read the attached position description.
About you
To be successful in this role, you will have:

• Sound knowledge and demonstrated experience in the application of common Information Security management frameworks, such as ISO/IEC 27001, and NIST.
• Significant experience in risk management and Information Security, with demonstrated high-order achievement in the provision of specialist and authoritative advice and the development and implementation of associated strategies, policies, and operational systems and practices.
• Demonstrated understanding of current legislation relating to cyber and Information Security, including the Privacy and Data Protection Act 2014, the Health Records Act 2001, and the Public Records Act 1973, and associated policy frameworks.
• Highly developed relationship building and stakeholder management skills, with a track record in building and maintaining successful relationships with a broad client base including portfolio and central agencies, ministerial offices and service providers.
• A proven track record in developing innovative strategies and solutions to address complex problems through the application of conceptual, analytical and problem-solving skills.
• A proven track record in leading high performing teams and promoting a culture which is inclusive, encourages initiative and innovation and strives for continuous improvement.

Qualifications

• A tertiary degree in computer science, information technology or related field.

How to apply
Please click the Apply button on this advertisement. Applications should include a resume and covering letter. Attachments can be uploaded in .doc, .docx, .pdf, .txt or .rtf formats.
The successful candidate will be required to undergo pre-employment checks which may include national police checks and misconduct screening.
If you require adjustments to the recruitment and selection process, or require an alternative format to any of the application material, please don't hesitate to get in touch with the contact person listed on this ad.
FOR INTERNAL VPS EMPLOYEES:

• For this particular vacancy, priority consideration applies to Victorian Public Service (VPS) and select employees of the Victorian Public Sector who apply through the Jobs Skills Exchange (JSE) jobs board platform.
• For all VPS employees, due to the new Jobs Skills Exchange (JSE) policy, please apply through the JSE to be eligible to be considered for this position in the first round.

IMPORTANT INFORMATION:
CHILD SAFE STATEMENT OF COMMITMENT:
The Department of Justice and Community Safety is committed to the safety and wellbeing of children and young people. We seek to prevent harm of any kind impacting children and young people and have zero tolerance for racism, child abuse and inequality. Children and young people's rights, relationships, identity, and culture must be recognised and respected, their voices heard, and their concerns acted upon. We aim to foster a culturally safe, child safe and child friendly environment for all children and young people we have contact with, deliver services to, or are impacted by our work.