A role with WorkCover Queensland is more than just a job, it’s an opportunity to develop your career and make a real difference. Our vision is to be the best workers’ compensation insurer and make a positive difference to people’s lives. We bring together diverse talent and provide you with the opportunity to achieve your potential, add value to the meaningful work we do, and make WorkCover a truly inclusive place to work.
A new and fantastic 12 month opportunity where you will work closely with WorkCover Queensland board, executives, business leaders, and the broader S&T team to establish and maintain an organisation-wide cyber risk and information security program to manage and educate on all matters relating to cyber and information security, technology risk, and digital and information fraud.
Key accountabilities include but not all:
- Design, implement, and maintain WorkCover Queensland Cyber and Information Security Framework.
- Design, implement, and maintain WorkCover Queensland data and information classification standards.
- Plan, develop and drive cyber risk and information security strategies in line with business, operational, legislative and regulatory requirements
- Ensure cyber risk and information security practices are integrated into the organisation’s strategic planning and operational processes
- Maintain information security policies and incident response planning
- Ensure disaster recovery and business continuity plans align to business needs and are tested periodically against a set of business agreed metrics
- Define and maintain a single library of protective, detective and corrective controls for all digital, information and technology assets
- Recommend and advise on IT Security related projects and priorities
A bit about you:
- Bachelor’s degree or an equivalent combination of education and related work experience
- A Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent certification from a recognised professional organisation is required
- Minimum 7 years’ experience in a similar role
- Strong understanding of cloud and network security technology, including strategy, design, and architecture
- Demonstrable experience as a skilled cyber and technology risk practitioner in establishing and delivering end to end cyber risk and information security solutions within a digital environment.
- Major framework/methodology understanding, experience and certification across security including:
- Proficiency in ISO27k, NIST and ASD standards.
- Familiarity with APRA and ASIC regulations.
- Exceptional leadership skills with proven ability to strategically manage and provide authoritative technical and policy advice at the highest levels
- Proven experience working with senior business stakeholders at board, executive, senior management levels to advocate for and achieve successful business outcomes
A bit about us:
Working in a collaborative team environment within a supportive and engaged organisation, you’ll enjoy access to our health and wellbeing program, a variety of flexible work offerings (including part-time arrangements and purchased annual leave, you might even wish to work remote one day a week), learning and development opportunities (with study assistance and leave), salary packaging, voluntary super contributions, 14 weeks paid parental leave, and community initiatives to give back – just to name a few!
How do I apply?
Please submit your resume and covering letter to Paul Stredder, Senior Consultant People and Culture with applications closing at 12pm Tuesday 1st December.