The successful candidate will contribute to the development and maintenance of an information security framework aligned with industry standards, Queensland Health established frameworks and regulations for effective governance, risk, and compliance.

Role responsibilities:
- Apply a working knowledge of relevant regulations, Information Security Management System (ISMS) based on ISO 27001 and associated policy and guidance documentation to support compliance and performance uplift across the health system.
- Facilitate internal reviews to enhance visibility of compliance obligations and information security risks for audit activities.
- Collaborate with stakeholders to monitor compliance and control performance with applicable frameworks and support Queensland Government policy readiness and reporting requirements.
- Establish a continuous compliance monitoring program with a focus on critical systems and data protection needs.
- Identify and address risk-based compliance gaps, providing expert advice to stakeholders for developing action plans.

You will be assessed on your ability to demonstrate the following key capabilities, knowledge and experience.
Within the context of the responsibilities described above under 'Key Responsibilities', the ideal applicant will be someone who can demonstrate the following:
- Demonstrated experience in developing, maintaining and applying information security governance, compliance and risk management frameworks, methodologies and guidelines to ensure robust information security compliance.
- Demonstrated skills in the planning and analysis of ICT system compliance, performance, risks and issues and the formulation, design and provision of appropriate solutions and improvements in consultation with subject matter experts.
- Demonstrated skills in the review and continuous improvement of an Information Security Management System (ISMS).
- Ability to work autonomously and apply contemporary leadership principles that contribute to the maintenance of an effective and motivated compliance program.

Specific Working Conditions:
- There are no mandatory requirements for this role, however relevant qualifications and/or experience in information technology, project management, assurance/audit, governance, compliance, risk, information security management systems or cyber security will be highly regarded.
- While not mandatory, a detailed understanding and experience with the Queensland Government Information Security Policy, industry frameworks and legislation such as ISO 27001, Australian Signals Directorate Essential Eight, Information Privacy Act 2009 and Security of Critical Infrastructure Act 2018 would be highly desirable.
- Highly developed leadership and management skills, and highly effective written and oral communication skills are also highly desired.

Benefits of working with eHealth Queensland:
By joining eHealth Queensland, you will work within a fast-paced, challenging and supportive environment where every employee plays a critical role in our ongoing success.

You will enjoy a variety of benefits, including:
- Competitive salary + generous superannuation and leave loading
- Flexible working arrangements
- Diverse work culture
- Career training and development

To apply for this exciting opportunity, submit your resume and a cover letter or short statement (maximum 2 pages) online today.