The Office of the Information Commissioner (OIC) is seeking an experienced Principal Privacy Officer to uphold the privacy rights of Queenslanders. In this role, you will provide independent expert advice and assistance to Queensland government agencies on interpreting and administering the Information Privacy Act 2009 (IP Act). You will manage privacy complaints and assess notifications received under the Mandatory Notification of Data Breach (MNDB) scheme. If you have experience handling privacy complaints and data breach notifications under the IP Act or a similar privacy jurisdiction, we encourage you to apply.

Job details

The OIC is an independent statutory body with powers under the Right to Information Act 2009 (Qld) (RTI Act) and Information Privacy Act 2009 (Qld) (IP Act) to promote and regulate access to government held information and protect people's personal information held by the public sector.

Our vision is building trust through transparency.

Our purpose, as a contemporary regulator, is to promote and independently uphold information access and privacy rights.  We facilitate greater and easier public access to government held information and assist agencies understand their obligations under the IP Act to safeguard the personal information that they hold. Our office reviews agency decisions about access to information, mediates privacy complaints, and monitors and reports on agency compliance to Parliament.

What we offer is:

• Flexible working options supporting work-life balance once successfully onboarded and approved
• A highly supportive and inclusive culture that values diversity and fosters team success
• An opportunity to join a passionate, engaged, and high-performing organisation with a vital integrity role.

About the Role:

This role is responsible for managing privacy complaints relating to Queensland public sector agencies, including assessing jurisdiction, mediating disputes, and preparing correspondence in accordance with the IP Act. It involves evaluating notifications under the Mandatory Notification of Data Breaches (MNDB) scheme and providing expert advice to ensure compliance with the IP Act. A key focus of the role is enhancing information handling practices through the adoption of technology and privacy-by-design principles, while also delivering advice, guidance, and in-person and online training to both the community and public sector agencies to promote awareness of privacy rights and responsibilities.

This role also plays a vital part in developing policy advice, resources, and training materials to enhance understanding and compliance with privacy principles. It involves close collaboration with internal and external stakeholders to ensure effective implementation of privacy practices. Key responsibilities include participating in audits and reviews of agency performance and personal information handling to ensure adherence to the Mandatory Notification of Data Breaches (MNDB) scheme. In addition, the role requires driving initiatives that promote a transparent and accountable public service culture while safeguarding personal information. Representing the OIC at stakeholder meetings and forums is a critical aspect, fostering effective communication and advocating for strong information policy settings. Through these efforts, the role supports the OIC's mission to improve privacy practices and uphold the responsible management of personal information across Queensland's public sector.

This is a permanent, full-time position located at the OIC office in Brisbane City. The incumbent may be required to undertake some travel across the state for training and engagement activities. For all key responsibilities and core capabilities, please see the attached role description.

How to apply:

If you are interested in working with us, please provide the following information:

• A two-page statement addressing the role requirements and core capabilities of the role, and your motivation to join OIC
• Your current CV or resume (maximum three pages is recommended), including any mandatory and/or other requirements.  
• Details of two referees who have a thorough knowledge of your capabilities, work performance and conduct within the previous two years. It is preferable to include your current or immediate past supervisor. 
• Details of any visa conditions if you are not an Australian citizen or do not have permanent residency status

Only those persons eligible to work in Australia may be employed by the OIC. Prospective employees will be required to provide proof of identity and documentary evidence of their right to work in Australia.

If you have included any education and professional qualifications or enrolments in your resume, please attach these to your application.

Note: Experience working with privacy complaints and data breach notifications under the IP Act is a requirement for applying for this position. While there are no mandatory qualifications, tertiary qualifications in law, and/or experience in an independent integrity agency, will be highly regarded

Further information

We are committed to building inclusive cultures in the Queensland public sector that respect and promote human rights and diversity.

Documents

Before applying for this vacancy please ensure you read the documents below.

• OIC Guideline for Applicants 2025 (1) (PDF, 206KB)
  Application Kit
  
  AO7 Principal Privacy Officer - Role Description (2) (PDF, 301KB)
  Role Description