Security (Information & Communication Technology) Join an organisation that has been recognised as 'one of Australia's best places to work', winning multiple Employer of Choice awards in recent years for professional development, employee benefits and culture.QTC is the central financing authority for the Queensland Government and provides financial resources and services for the State. We manage the State's funding program in the global capital markets to deliver sustainable and cost-effective borrowings for the Queensland Government, local governments, and other related entities (our clients). With a statutory role to advance the financial interests and development of the State, we help to deliver innovative, long-term solutions that contribute to the growth of Queensland's economy. We protect Queensland's financial interests and deliver better financial outcomes by centralising the management of our clients' borrowings, cash investments, and foreign exchange. Purpose of RoleThe Principal, Security Governance role is integral to maintaining the organization's cyber health and resilience against cyber threats. This role is responsible for developing and maintaining robust information security processes, ensuring disaster recovery (DR) readiness, contributing to the cyber security strategy, and managing cyber risk in alignment with business objectives. Additionally, it encompasses enforcing compliance with standards like the ACSC Essential 8 and ISO27001, evolving cyber reporting for management, and supporting security operations. The role also entails assessing third-party vendor risks, updating security training to reflect the current threat landscape, and coordinating audit and penetration testing activities to address vulnerabilities promptly.Responsibilities & AccountabilitiesStrategy, Policies and ProceduresDevelop and maintain Information Security processes and operational procedures.Ensure technical DR processes are maintained across all services, including those delivered by QTC's key vendors.Provide input into the development and maintenance of QTC's Cyber Security Strategy.Develop and manage Cyber Security Risk Management processes with an understanding of business requirements and alignment with cyber strategy with business objectives.Standards, Reporting and ComplianceEnsure compliance with agreed targets and cyber security standards (eg. ACSC Essential 8, ISO27001).Develop, maintain and apply a roadmap to ensure alignment with the Cyber strategy and standards.Develop, maintain, and evolve QTC's cyber reporting for all levels of management.Support the broader security operations team in the implementation and management of security controls across QTC's technology environment.Third Party Vendor RiskWork with procurement, legal and business stakeholders across the organization to assess and manage third-party vendor risk.Review and assess vendor security certifications to ensure validity and applicability to the service being delivered. Cyber Awareness and training Support the delivery of security awareness campaigns.Update security training content to ensure it remains relevant to the evolving threat landscapeAudit, Vulnerabilities and Penetration findings.Co-ordinate and support the successful completion of cyber audit and penetrations testing activities across QTC.Support the remediation of all findings to ensure they are addressed in the agreed timeline.QualificationsRequires Tertiary qualification in Information Technology, Computer Science or Computer Engineering or equivalent experience.Certifications in Azure Architecture (AZ-305)Industry certifications such as TOGAF, CISSP, CCSP, SC-100, ISO27001, NIST and AZ-500Qualifications in Microsoft Power Platform and Microsoft Dynamics.Experience10 years of experience delivering security services in complex, high availability technology environments that deliver critical services.5 year experience in establishing and running operations security governance frameworks. Experience implementing public cloud solutions, preferably Microsoft Azure.Experience in delivering services through an outsourced I.T support model, where there is a heavy reliance on external vendors to deliver services and solutions.3-5 years experience leading teams of technology professionals.Experience within the financial industry. Experience delivering services in a government body. Why will QTC be the best work of your career?We do work that improves Queensland for generations. We are a leader in finance, creating meaningful solutions with profound outcomes. We set the standard in financial solutions. We address the challenges of today, with results for tomorrow.We are an inspired team of solution creators. We believe that curiosity is the ultimate problem solver. That the best teams are united by trust, not divided by ego. And that diversity sets us apart.We recognise that developing our people leads to their success, that energised teams create brighter outcomes and that with the freedom to challenge, we can strive for better together. We are dedicated to investing in your future. We understand that an energised mind is cultivated by time and investment, that developing future leaders requires commitment and that your best work starts with your best self. Benefit from a best-in-class professional development program, flexible work, leadership programs, study support, paid-parental leave, salary packaging and a corporate wellbeing program (including discounts for you and your family to a range of fitness facilities close to home or work).
#J-18808-Ljbffr
