Principal Advisor Information Security (AO7) Cyber Planning and Policy Design

About us

The Queensland Fire Department (QFD) provides fire prevention preparedness and response services to fire in the built and landscape environments as well as scientific and specialist capabilities to Queensland communities. The QFD provides a multi-hazard emergency response including road crash rescue bushfire hazardous material technical and vertical rescue severe weather incidents remote and swiftwater rescue and provides a number of functions supporting community safety outcomes.

The department encompasses Queensland Fire and Rescue (QFR) Rural Fire Service Queensland (RFSQ) as well as the broader department which work together to pre-empt prevent mitigate and manage the consequences of fires and other emergencies on Queensland communities and support our large volunteer membership across the state.

QFD are proud to be recognised as an employer of choice for women by Work180 and celebrate all diversity by committing to a culture where people feel safe respected valued and engaged.

The QFD is an organisation that is committed to reframing the departments relationship with Aboriginal and Torres Strait Islander peoples communities and organisations through activities identified in the QFD Reframing the Relationship Plan contributing to Closing the Gap outcomes and building our cultural capability.

Purpose of role

As Principal Advisor Information Security (AO7) you will lead the development and maturity of QFDs information security policy standards and Information Security Management System (ISMS).

Reporting to a highly experienced Executive Manager you will be trusted to own your role take the lead on ISO/IEC 27001 and translate complex cyber and information security concepts into clear practical guidance for non-technical leaders and stakeholders.

This role suits someone who enjoys explaining why security matters - not just what needs to be done.

Key requirements

Highly desirable requirements

• Minimum of 5 years experience developing and implementing information security management frameworks strategies policies and standards.
• High-level experience in delivering cyber security risk assessments.
• Knowledge and/or experience or qualifications in ISO/IEC 27001 Lead Implementer/ Implementing an ISMS.
• Certified Information Systems Auditor (CISA) or Certified Information Security Manager.

Your key accountabilities

Your part in the ongoing success of our department in supporting key frontline services will see you responsible for a variety of work including but not limited to:

• Develop communicate and maintain enterprise-level information security plans strategies policies standards and guidelines consistent with the departments ISMS goals and objectives.
• Provide strategic advice and analysis on contemporary information security and technology issues and their potential impact upon the department achieving its goals.
• Develop and communicate contemporary information security material to promote awareness and advice on security concepts to ensure information and data resources are managedand meet compliance.
• Build and maintain effective working relationships by communicating and negotiating with information management and information communication technology professionals and external stakeholders to promote sound information security practices throughout the organisation.
• Research and prepare reports submissions briefing notes and correspondence on a range of complex information security issues and initiatives in accordance with departmental requirements and governance.
• Effectively represent the departments interests on various working groups networks and information security forums to present and/or oversee the implementation of initiatives and business improvement strategies and ensure positive outcomes.
• Participate as an active team member of the branch and directorate in the development of operational plans information and communication technology strategies and information architectures consistent with departmental enterprise architecture.

Capabilities

To determine your suitability for the role you will be assessed on the following Leadership Competencies for Queensland behavioural profiles that link to the key accountabilities for this role:

Leadership Competency Stream Individual Contributor (leading self)

Vision

• Stimulates ideas and innovation
• Leads change in complex environments

Results

• Builds enduring relationships
• Drives accountability and outcomes

Accountability

• Fosters healthy and inclusive workplaces
• Demonstrates sound governance

Once you join us we will want you to exemplify the QFD shared values of:

• Respect
• Integrity
• Trust
• Courage
• Loyalty