As the Information Security Management System (ISMS) Officer, you will oversee the ongoing management and development of the department's information security policies, standards, education, awareness and information security advice, ensuring that it is able to support the information security requirements of the department.
You will work closely with cyber security staff and business units in the management of the department's ISMS. The successful applicant will be responsible for leading departmental governance and risk management activities related to information security and coordination of reporting activities against the department's Information Security Management System (ISMS). In order to deliver a decentralised service/system-based attestation, you will be required to:
- Develop processes for quarterly attestation against ISMS progress
- Develop checklists for service/system owners to support the attestation process
- Develop any other necessary material relevant to ISMS onboarding as part of a decentralised attestation model
- Work with service/system owners and other relevant stakeholders to determine appropriate items to feed into the checklist based upon the service model, i.e., on-prem, cloud, PaaS, multi-supplier.
- Sound knowledge, or the capacity to acquire a sound knowledge, of current strategic issues pertaining to the direction of information security and communication technologies and relevant policies within a complex environment
- Demonstrated responsibility for delivery of quality information security outcomes and responsiveness to environmental and organisational change.
- Experience working with senior level stakeholders.
- High level written and oral communication skills and excellent organisational skills.