-
View all jobs
As a department our purpose is to help the community to prevent, prepare for, respond to and recover from the impact of fire and emergency events.
Purpose of role
Cyber and Information Security is responsible for managing the departments cybersecurity roadmap in conjunction with strategy and architecture team. The Cyber Planning and Policy Design team is responsible for information security, availability, confidentiality, privacy and integrity of the department's data while effectively managing cyber risks. The team is responsible for developing and reviewing policies, programs and guidelines, and promoting awareness of cyber policy and strategies across QFD.
Reporting to the Executive Manager you will use your technical expertise and understanding of how individual cyber threats and vulnerabilities work, including making risk-based assessments of the department's Information Technology (IT) environments to ensure all assets and systems are scanned for vulnerabilities that could impact the confidentiality, integrity and availability of QFD assets and data. You will provide expertise and guidance to a variety of stakeholders to support the functions of monitoring, investigation, containment, eradication, recovery, documentation and reporting on security vulnerabilities. You will ensure information security mitigations and solutions to IT applications, service and infrastructure are technically sound, consistent and compliant with relevant policies and standards across the organisation.
Key requirements
Highly desirable requirements
Responsibilities
Your part in the ongoing success of our department, in supporting frontline services will see you responsible for a variety of work, including, but not limited to:
Role
To determine your suitability for the role, you will be assessed on the following Leadership Competencies for Queensland behavioural profiles that link to the "key accountabilities" for this role:
Leadership Competency Stream - Individual Contributor (leading self)
Vision
Purpose of role
Cyber and Information Security is responsible for managing the departments cybersecurity roadmap in conjunction with strategy and architecture team. The Cyber Planning and Policy Design team is responsible for information security, availability, confidentiality, privacy and integrity of the department's data while effectively managing cyber risks. The team is responsible for developing and reviewing policies, programs and guidelines, and promoting awareness of cyber policy and strategies across QFD.
Reporting to the Executive Manager you will use your technical expertise and understanding of how individual cyber threats and vulnerabilities work, including making risk-based assessments of the department's Information Technology (IT) environments to ensure all assets and systems are scanned for vulnerabilities that could impact the confidentiality, integrity and availability of QFD assets and data. You will provide expertise and guidance to a variety of stakeholders to support the functions of monitoring, investigation, containment, eradication, recovery, documentation and reporting on security vulnerabilities. You will ensure information security mitigations and solutions to IT applications, service and infrastructure are technically sound, consistent and compliant with relevant policies and standards across the organisation.
Key requirements
Highly desirable requirements
- Minimum of 5 years' experience in risk management, information security, ICT security and modern cloud native environments.
- An Information Security Certification or qualification i.e. the Cyber Information Systems Security Professional (CISSP) or similar would be highly desirable
- Experience supporting cyber security in a mid-size to large IT environment across a wide range of technologies and applications.
- Knowledge of concepts, standards and frameworks in vulnerability management, such as Common Vulnerability Scoring Systems.
- Experience in consuming and utilising cyber threat intelligence to improve cyber security integrity.
Responsibilities
Your part in the ongoing success of our department, in supporting frontline services will see you responsible for a variety of work, including, but not limited to:
- Perform IT security risk-based technical assessments, and manage monitoring, investigation, containment, eradication, recovery, documentation and reporting on information assets, and proactively advocate for the implementation of appropriate measures to prevent or respond to potential information security issues.
- Conduct regular security investigations, risk and vulnerability assessments and develop reports on findings to provide strategic and tactical advice including recommendations on remediation and mitigation of future risks.
- Develop, review and implement vulnerability management policies, standards and procedures to ensure compliance with relevant data protection and privacy laws, and regulations that safeguard our organisation's networks and systems.
- Consult, negotiate and communicate with users, system stakeholders, vendors and ICT professionals to raise awareness, and to promote and implement a shared and consistent understanding of information security and cyber security vulnerabilities.
- Provide expert analysis and advice in relation to the department's information security threats and vulnerabilities and determine current maturity levels, and compliance with relevant legislation, regulations, standards, and frameworks applicable to information security requirements.
- Analyse multiple sources of vulnerability reports and determine what types of remediations are required to mitigate risk, streamline existing processes and implement information security efficiencies that improve our IT environment.
- Build and maintain effective working relationships with internal and external stakeholders, and suppliers to promote sound information security practices, and assist in developing strategies and activities to support effective security vulnerability management.
- Maintain, update and continually expand knowledge of developments and trends within the network and information security industry, and evaluate the benefit and applicability to departmental systems that enhance cyber security.
Role
To determine your suitability for the role, you will be assessed on the following Leadership Competencies for Queensland behavioural profiles that link to the "key accountabilities" for this role:
Leadership Competency Stream - Individual Contributor (leading self)
Vision
- Stimulates ideas and innovation
- Makes insightful decisions
- Builds enduring relationships
- Drives accountability and outcomes
- Fosters healthy and inclusive workplaces
- Demonstrates sound governance
- Respect
- Integrity
- Courage
- Loyalty
- Trust
Key Skills
Ranked by relevance
c
ha
ai
ui
esp
cyber security
sla
lan
ips
cis
ats
cyber threat intelligence
vulnerability assessment
technical expertise
security practices
cybersecurity
cloud native
unity
cissp
cloud
rust
aws
lua
wan
nat
pan
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Cyber Security Analyst
2026-04-08
Contract
Mid-Senior
Australia
Government Administration
Information Technology
View Job Details
Related
Junior Data Scientist
2026-04-10
Full-time
Not Applicable
Norway
Government Administration
Engineering
View Job Details
Related
Data / ML / AI Engineer
2026-04-10
Full-time
Not Applicable
Norway
Government Administration
Engineering
Login to Apply
- Posted
- Nov 21, 2024
- Type
- Full-time
- Level
- Not Applicable
- Location
- Brisbane
- Company
- Queensland Government
Industries
Government Administration
Categories
Information Technology
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Cyber Security Analyst
2026-04-08
Contract
Mid-Senior
Australia
Government Administration
Information Technology
View Job Details
Related
Junior Data Scientist
2026-04-10
Full-time
Not Applicable
Norway
Government Administration
Engineering
View Job Details
Related
Data / ML / AI Engineer
2026-04-10
Full-time
Not Applicable
Norway
Government Administration
Engineering