As the Cyber Security Manager, you will lead a team in the implementation of comprehensive security strategies to protect the Department’s digital information systems. You will assess security risks, vulnerabilities, and threats, ensuring a secure operational environment across all platforms.

Your responsibilities will include coordinating the design and execution of security policies and procedures, as well as overseeing the implementation of advanced security technologies to safeguard departmental assets.

Job details

Your key responsibilities:

• The role requires you lead a specialised team in the development, refinement, implementation and maintenance of security configuration management standards, policies, and guidelines across multiple operating environments to deliver crucial ongoing system safety.
• Contribute to the development of cyber security related strategies that address information control requirements. Identify and monitor environmental and market trends and pro-actively assesses impact on business strategies, benefits, and risks.
• Participate in development of cyber security policies, standards, processes, and guidelines for security operations that are fit for purpose, current and are appropriately implemented.
• Ensure security architectural principles are applied during design to reduce risk and drive adoption and adherence to policy, standards, and guidelines.
• Manage security incidents, including investigation, containment, and resolution, and implement preventive measures to mitigate future risks.
• Collaborate with internal stakeholders, including technology, operations, risk, and compliance teams, to ensure alignment of security initiatives with business goals and objectives.
• Stay abreast of emerging threats, vulnerabilities, and industry trends to proactively address potential security risks.

Technical skills, abilities, and cultural capability:

• Proven ability to manage work packages across multiple domains, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
• Sound knowledge of information security technologies, such as firewalls (Checkpoint, Azure), proxies (Bluecoat), Web Application Gateways (Azure Front
Door, Azure WAF), SIEM (Splunk, Microsoft Sentinel), DLP, encryption and endpoint security (Microsoft Defender)
• Sound knowledge of modern security architectural design principals and components such as Zero Trust, Authentication / Authorisation, Penetration Testing, User Behaviour Analytics, Vulnerability detection and management
• Experience managing workloads in an ITIL based support environment
• Experience with cloud security principles and technologies, preferably Microsoft Azure, Microsoft 365, and AWS
• Proven experience in developing and implementing information security, standards, policies, and procedures
• Knowledge and experience ensuring compliance against Cyber Security frameworks (e.g., Essential 8 (E8), Information Security Manual (ISM), NIST Security Frameworks, and ISO 27001).

Applications to remain current for 12 months.

Job Ad Reference: QLD/624608/25

Closing Date: Thursday, 20th March 2025

Further information

We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity.

Please ensure you download all attachments and follow the instructions on how to apply.

Documents

Before applying for this vacancy please ensure you read the documents below.

• 624608 25 - Role Description (Word, 289KB)
  
  
  624608 25 - Applicant-Information-Package (Word, 359KB)