Job details
Position status Permanent
Position type Flexible full-time
Occupational group IT & Telecommunications
Classification SO
Workplace Location Brisbane - North
Job ad reference 19781
Closing date 12-May-2024
Salary Other
Contact person Garth Wilshire
Contact details 0475 043 838
About us
As a department our purpose is to help the community to prevent, prepare for, respond to and recover from the impact of fire and emergency events.

Queensland Fire and Emergency Services (QFES) is the primary provider of fire, rescue and emergency management programs and services throughout Queensland. The department encompasses the Fire and Rescue Service, disaster management services, the Rural Fire Service and the State Emergency Service, and also supports other volunteer groups providing emergency response to Queenslanders.

Purpose of the role
Cyber and Information Security is responsible for managing the agency's roadmap and response to the department's information and technology by effectively managing risks and associated cyber security, information availability, information privacy and Information Security requirements and infrastructure operations, while enabling and advancing business outcomes.

Reporting to the Executive Director, Information and Technology, you will provide leadership and direction through all functions of the branch, including managing human resources, finance and budget, planning and program management, and reporting. You will be responsible for driving, influencing and managing strategic change for Cyber and Information Security within the agency by developing (with specialist partners) an Information Security approach that is fit for purpose and consistent with industry standards and frameworks.

Key requirements
Highly desirable requirements
- Minimum of 5 years' experience in leadership roles specialising in risk management, Information Security, ICT security and modern cloud native environments.
- 4+ years' experience managing and supporting Information Security in a mid-size to large IT environment across a wide range of technologies and applications.
- 2+ years' experience as lead in planning for Information Security capabilities.
- Demonstrated understanding of a wide range of architecture models, service deployment models and operational and security frameworks.
- Certification as either Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) preferred.
- Lead and manage the development and execution of the Cyber Security Framework and Roadmap to define and deliver initiatives in support of business strategies and objectives, ensuring the department meets its obligations under cyber security standards.
- Provide strategic guidance and risk advice for the agency's Cyber and Information Security requirements to inform continuous improvement strategies and ensure effective decision-making processes.
- Promote the agency's Cyber and Information Security approach to senior executives, vendor partners and internal and external stakeholders to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets.
- Lead, manage and coordinate ongoing threat assessments to identify key risks to the organisation and adoption of relevant treatment plans to contain Information Security incidents and events, and protect the department's IT assets, intellectual property, regulated data and reputation.
- Develop and implement initiatives focused on reducing technology risk and ensuring compliance with Queensland Government policies and regulatory standards.
- Evaluate existing technology implementations and new technology initiatives, and consider associated consequences for all aspects of Cyber and Information Security to improve the department's security posture.
- Develop, maintain and report a pragmatic suite of Information Security related metrics and key performance indicators to promote the culture of strong Information Security and appreciation of the importance of cyber security and data management with staff and vendors to mitigate Information Security risks.
- Manage human, financial and physical resources ensuring client service and performance management and drive a culture of accountability and fairness that encourages and enables teams and individual staff to meet challenges, develop skills and achieve results.
Vision
- Leads strategically
- Leads change in complex environments
- Builds enduring relationships
- Drives accountability and outcomes
- Fosters healthy and inclusive workplaces
- Demonstrates sound governance
- Respect
- Integrity
- Trust
- Courage
- Loyalty