Company:
The State of Queensland
Location: Brisbane
Closing Date: 20/10/2024
Type: Temporary
Job Requirements / Description
Transport and Main Roads
(Organisation site:
http://www.tmr.qld.gov.au/ ) CITEC; Transformation & Enabling Technologies; Queensland Government Customer & Digital Group; Brisbane City As the Operations Manager, you will provide the technical leadership and specialist skills related to security governance, risk & compliance, security architecture, risk assessment, and security incident management. About us CITEC provides Queensland Government departments and associated entities with information, communication, and technology services that support the delivery of quality frontline services to Queensland communities and businesses. The Enabling Services branch within CITEC leads the architectural design, product and service management, stakeholder engagement, project management, risk management, vendor management, and ITSM practice primarily to enable the delivery of CITEC services. The Assurance and Risk Management team forms part of the Enabling Services and provides a consolidated approach taking in all elements of the assurance framework including quality management, risk management, and audit and compliance to support all areas of CITEC. Key responsibilities Information Security Services within CITEC covers a broad range of cyber security domains:
Security governance, risk, and compliance. Security architecture, risk assessment, and roadmap. Security consultancy and professional services to agencies. Security operations focusing on the security infrastructure related services, firewall management, DNS protective services, and secure VPN to the whole of Government agencies. Security incident management function for CITEC. ISO27001 implementation and ongoing operation. As the Operations Manager, you will provide the technical leadership and specialist skills related to security governance, risk & compliance, security architecture, risk assessment, and security incident management. You have the opportunity to combine your excellent technical skills with consultancy and/or project management. Our services are offered in a 24 hours a day / 7 days a week on-call environment, where after hours support is provided through automated tools and rostered on-call staff. Some of your key responsibilities will include:
Manage and lead the CITEC information security policy framework review, implementation, and compliance. Provide technical leadership to develop innovative solutions and continuously improve security services to the clients. This includes but is not limited to security solution/architecture design or review, security risk assessment, security assurance, and so on. Manage, lead and coordinate security incident response, investigation, and resolution (highly desirable). Manage and coordinate CITEC's security vulnerability management maturity program. Manage and lead CITEC's ISO27001 ongoing improvement and operation. Undertake other responsibilities within Information Security Services as required. About you We recognise and celebrate that everyone is unique and seek the applicant best suited to the role. We will assess your experience, knowledge, and acquired skills, as well as your potential for development and your personal qualities. To thrive in this role, you will need to demonstrate the following: Mandatory qualifications and conditions • Due to this role having access to sensitive data, a criminal history check will be undertaken prior to appointment to the role. • The department will make any other necessary screening arrangements such as national security clearance Negative Vetting Level 1 (secret) when required. Requirements of the role • Demonstrate excellent knowledge and experience in information security governance, risk, and compliance. • Show adequate knowledge and application of relevant information security standards, e.g. ASD Information Security Manual, ISO 27000 series, PCI DSS, and industry best practice. • Prove excellent experience in vulnerability management and security assurance. • Demonstrate adequate technical competencies. Applications to remain current for 12 months. Further information
We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity. Please ensure you download all attachments and follow the instructions on how to apply.
#J-18808-Ljbffr
(Organisation site:
http://www.tmr.qld.gov.au/ ) CITEC; Transformation & Enabling Technologies; Queensland Government Customer & Digital Group; Brisbane City As the Operations Manager, you will provide the technical leadership and specialist skills related to security governance, risk & compliance, security architecture, risk assessment, and security incident management. About us CITEC provides Queensland Government departments and associated entities with information, communication, and technology services that support the delivery of quality frontline services to Queensland communities and businesses. The Enabling Services branch within CITEC leads the architectural design, product and service management, stakeholder engagement, project management, risk management, vendor management, and ITSM practice primarily to enable the delivery of CITEC services. The Assurance and Risk Management team forms part of the Enabling Services and provides a consolidated approach taking in all elements of the assurance framework including quality management, risk management, and audit and compliance to support all areas of CITEC. Key responsibilities Information Security Services within CITEC covers a broad range of cyber security domains:
Security governance, risk, and compliance. Security architecture, risk assessment, and roadmap. Security consultancy and professional services to agencies. Security operations focusing on the security infrastructure related services, firewall management, DNS protective services, and secure VPN to the whole of Government agencies. Security incident management function for CITEC. ISO27001 implementation and ongoing operation. As the Operations Manager, you will provide the technical leadership and specialist skills related to security governance, risk & compliance, security architecture, risk assessment, and security incident management. You have the opportunity to combine your excellent technical skills with consultancy and/or project management. Our services are offered in a 24 hours a day / 7 days a week on-call environment, where after hours support is provided through automated tools and rostered on-call staff. Some of your key responsibilities will include:
Manage and lead the CITEC information security policy framework review, implementation, and compliance. Provide technical leadership to develop innovative solutions and continuously improve security services to the clients. This includes but is not limited to security solution/architecture design or review, security risk assessment, security assurance, and so on. Manage, lead and coordinate security incident response, investigation, and resolution (highly desirable). Manage and coordinate CITEC's security vulnerability management maturity program. Manage and lead CITEC's ISO27001 ongoing improvement and operation. Undertake other responsibilities within Information Security Services as required. About you We recognise and celebrate that everyone is unique and seek the applicant best suited to the role. We will assess your experience, knowledge, and acquired skills, as well as your potential for development and your personal qualities. To thrive in this role, you will need to demonstrate the following: Mandatory qualifications and conditions • Due to this role having access to sensitive data, a criminal history check will be undertaken prior to appointment to the role. • The department will make any other necessary screening arrangements such as national security clearance Negative Vetting Level 1 (secret) when required. Requirements of the role • Demonstrate excellent knowledge and experience in information security governance, risk, and compliance. • Show adequate knowledge and application of relevant information security standards, e.g. ASD Information Security Manual, ISO 27000 series, PCI DSS, and industry best practice. • Prove excellent experience in vulnerability management and security assurance. • Demonstrate adequate technical competencies. Applications to remain current for 12 months. Further information
We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity. Please ensure you download all attachments and follow the instructions on how to apply.
#J-18808-Ljbffr
Share this job
The State of Queensland