Principal Advisor - Information Management and SecurityResources (Organisation site)
Digital Enterprise Capability Office (DECO); Finance and Digital Strategy; Business and Corporate Partnership; Brisbane CBD
Discover a purpose-driven career with the Department of Natural Resources and Mines, Manufacturing and Regional and Rural Development. Unleash your potential and #MakeADifference!
You will be responsible for the development and implementation of enterprise-wide strategies and operating procedures, which strengthen the information management and information security practices and governance within the department, including the information security management system (ISMS) and cyber awareness. You will provide expert advice at a senior executive level on risk controls and treatments and provide input to guide planning, relating to information management and information security.
Key Responsibilities: Lead the development of agency-wide strategies, policies, procedures, guidelines, and frameworks, relating to information management and information security, and including skills and capability growth, in consultation and collaboration with Information Technology Partners (ITP).Monitor the department's information asset portfolio, as part of our enterprise architecture, partnering with, and coaching asset custodians and managers, to help meet policy obligations.Lead the maturing of the department's Information Security Management System (ISMS) providing direction to the ISMS operational lead, and leading strategies for continual improvement of the ISMS over time.Contribute to incident response strategy and planning, including providing input into the development and management of incident response plans and information security 'playbooks', and participating in cybersecurity exercises, within the department, Partnership and at a whole-of-government level.Lead advice and recommendations to the department's Digital Strategy and Information Security Subcommittee (DSISS), Audit and Risk Committee (ARC) and the departments Leadership Team on information management and security, including the provision of updates, presentations and contributing to discussions as required.Operational lead for engagement with the Queensland Government Cyber Security Unit, the Chief Information Security Officer, Privacy, Organisational Resilience and Legal teams, and with the Office of the Information Commissioner, as required.Lead the operationalisation of WoG (Whole of Government) policies and frameworks relating to the treatment and management of data, information, and security, across the department, including considerations for the collection and sharing of information.Work as a central coordination point to help ensure that information incidents are appropriately reported in timely manner, and that post-incident reviews are conducted, to identifying opportunities for stronger controls and risk treatments.Other duties as directed and required.Applications will remain current for 12 months.
Further informationWe are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity.
Please ensure you download all attachments and follow the instructions on how to apply.
#J-18808-Ljbffr