Queensland Government
Cyber Security Manager (GRC)
Queensland Government | Australia | 1 day ago
Full-time | Information Technology
Join us in strengthening the department’s cyber security posture by leading the development, enhancement and maintenance of a robust governance, risk and compliance framework. This role plays a critical part in safeguarding departmental information through a mature ISMS, proactive risk management and alignment with Queensland Government policies and standards. As a trusted team member, you will drive cyber governance, lead compliance activities, guide continuous improvement and foster a culture of cyber awareness across the organisation. If you are passionate about uplift, collaboration and shaping a secure digital environment, this role offers the opportunity to make a meaningful strategic impact.

This role is responsible for leading and maintaining a strong governance, risk and compliance framework that underpins the department's Information Security Management System (ISMS) and overall cyber security posture. You will ensure the department is protected against emerging threats by implementing best-practice approaches, meeting Queensland Government requirements and embedding proactive security management across all business areas.

In This Position, You Will

  • Lead the development, enhancement and ongoing maintenance of the department's ISMS and cyber security governance framework, ensuring alignment with strategic objectives and government policy.
  • Provide expert guidance on cyber security and ISMS-related risks through comprehensive risk assessments, treatment planning, continuous monitoring and clear reporting.
  • Oversee compliance activities for the Queensland Government Information and Cyber Security Policy (IS18) and the Queensland Government Enterprise Architecture (QGEA) frameworks, ensuring obligations are met and evidence is well documented.
  • Design and implement contemporary ISMS and cyber security practices, tools and methodologies that reflect both Queensland Government and global industry standards.
  • Manage key tools, processes and controls supporting cyber governance, including coordinating mitigation strategies and maintaining visibility of security performance indicators.
  • Present information, recommendations and updates to committees, governance forums and working groups, representing Cyber and Architecture Services as required.
  • Manage cyber security team resources and the ISMS/cyber security work plan, ensuring clear priorities, accountability and delivery of audit recommendations.
  • Support internal and external compliance, assurance and audit activities, working closely with the Director to drive continual improvement.
  • Foster a culture of cyber security awareness, capability and shared responsibility across the department through education, communication and engagement.
  • Provide prompt, effective coordination of security incident responses to reduce risk and operational impact.
  • Champion a safe, respectful and inclusive workplace culture, free from bullying, discrimination and harassment.


To be successful, you will bring demonstrated experience in information and cyber security governance, risk and compliance, strong knowledge of ISMS frameworks and the ability to translate technical requirements into clear, actionable advice for diverse stakeholders. Your leadership, communication and relationship-building skills will support collaboration across business areas and ensure the department maintains a secure, resilient and future-ready cyber environment.

Applications to remain current for 12 months.

Occupational group IT & Telecommunications
