Manager Cyber Security
The role: Reporting directly to Chief Information Security Officer, you will be required to assess the Cyber Security environment and determine what the governance requirements of the organisation are and develop strategies to address this. The role will provide strategic and operational leadership and direction in Cyber Security governance, risk management, policy and planning to ensure that Queensland Health's Cyber Security strategic objectives are achieved and that information resources, particularly those critical to the functioning of Queensland Health, are secured effectively from threat while enabling the business to operate effectively. This role will require close collaboration with other major areas in the Cyber Security team, including Training Awareness & Communications, Strategy and Architecture, Risk Management, Gateways and Cyber Defence (SOC, IR, CTI, Vulnerability Management) Your responsibilities will include: Lead and manage the development and implementation of the Queensland Health Information Security Management System (ISMS), which meets the business and operational needs of Queensland Health and its clients.
Provide expert advice and strategic input into the development of an ISMS based on ISO 27001 to ensure Queensland Health meets all relevant compliance and governance obligations under Federal and State legislation, State regulations, Queensland Health policies, Information Management standards, within the context of enabling the business to deliver high quality healthcare services. Assist Hospital and Health Services with the development and implementation of their Information Security Management System (ISMS). Coordinate the management of Cyber Security related Audits on behalf of the Cyber Security Group.
Oversee and manage the coordination of Whole of Government security responses and national and industry engagement. Lead and manage a specialist team, developing a culture that assists Queensland Health adopt sound information security and information security risk practices. Build and maintain effective working relationships with eHealth Queensland management and staff and Queensland Health business managers, with respect to Cyber Security matters.
Are you right for this role? Demonstrated experience in the development and implementation of an Information Security Management System (ISMS) based on ISO 27001 , in a large, complex and geographically dispersed service delivery organisation. Demonstrated broad knowledge and understanding of the major trends, strategic directions and legislative and governance frameworks related to information security, with the capacity to successfully adopt them in the healthcare environment. Demonstrated experience in one or more of the following areas: Training, Security Governance, Strategy and Architecture, Policy Development and Implementation, Risk Management, Audit and Assurance, Incident Management or Vulnerability Management.
Highly developed research, analytical,....