Principal Information Officer (Privacy)

As a Principal Information Officer (Privacy) with the Information, ICT Governance and Risk (IIG&R) team within Information and Technology Services (ITS), you will be responsible for providing expert advice and input in the development of Privacy Information Management strategies particularly as it relates to the identification, classification, handling, storage and deletion of personal information. You will be developing and reviewing policies and procedures related to privacy information management and will be a part of a team who are improving governance and processes related to managing information security and data breach threats. This is your opportunity to be a champion for protecting personal information, providing expert advice and guidance, using best practice and Australian and internationally recognised standards.

Responsibilities

As a Principal Information Officer (Privacy) with the Information, ICT Governance and Risk (IIG&R) team within Information and Technology Services (ITS), your responsibilities will be as follows:

• Provide expert advice and input to the development of the department's ICT Governance, and Privacy Information Management strategies particularly as they relate to the identification, classification, handling, storage and deletion of Personally Identifiable Information (PII).
• Work with key stakeholders to coordinate the development and management of a Mandatory Data Breach Response Plan and relevant Information Privacy Policies and Procedures for the department.
• Develop processes and procedures related to Privacy Impact Assessments of new ICT initiatives to support a privacy by design approach to business processes and systems.
• Provide advice and recommendations to ensure privacy compliance for departmental initiatives.
• Work with ITS Leadership, and various groups including Integrity and Workplace Relations, and Legal Services in leading compliance with Information Privacy and Other Legislation Amendments (IPOLA).
• Review personal information handling practices of the department to assess departmental compliance.
• Use of tools to monitor, maintain and improve data classification across the network.
• Work collaboratively with the ITS Cyber Security team to ensure security controls and processes are aligned to protect personal information.
• Foster a Privacy-aware culture across the department through the development of training and awareness packages related to information privacy and cyber security.
• Uplift capability, knowledge and awareness of Privacy across the department through developing and implementing a communication plan.
• Manage and maintain the department's Information Asset Register and Open Data Strategy.
• Perform other tasks as required by the Manager, Director, and CIO.
  
  
  

Applications to remain current for 12 months.

Job Ad Reference: QLD/673925/25

Closing Date: Monday, 12 January 2026

Occupational group Information Management/Library