Director Cyber Security Risk and ICT Audit

Director Cyber Security Risk and ICT Audit In this role you will report directly to the Chief Digital Officer (CDO). The Director is responsible for leading QCS’s cyber security team, providing risk management and assurance services across QCS technologies, systems and ICT functions, and ensuring implementation of all external and internal audits and review findings as they relate to ICT products and services. The primary accountabilities of the Director, Cyber Security, Risk and ICT Audit include: Oversee the QCS cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation. Lead cyber security planning processes to establish an inclusive and comprehensive cyber assessment and vulnerability management program in support of QCS strategic goals and objectives. Lead the development and maintenance of the QCS ICT business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes. Supervise, technically review, and execute technology strategic reviews and audits and work collaboratively with Internal Audit to develop a comprehensive audit plan over technology and application controls, ensuring appropriate audit coverage of the current risks and validation of QCS control environments. Lead the establishment and implementation of cyber security frameworks and strategies and drive implementation of risk mitigation strategies to reduce the risk profile across QCS ICT technology and systems, and across its cyber security profile. Prepare and deliver regular reports on QCS cyber security and ICT risk environment to the QCS Audit and Risk Committee and other key governance committees in QCS and at a whole-of-Government level. Leverage data analytics to drive complete coverage of risks and associated security testing, present risks and propose countermeasures to senior technology executives. Develop strong continuous monitoring processes to stay informed of changes and identify current or future risks that should be captured, monitored and mitigated. Track appropriate measures and metrics related to the development and management of our security infrastructure and regularly communicate them to the QCS leadership team. Lead and facilitate meetings between product owners, third parties, vendor, infrastructure, and enterprise architects to build security in their processes and projects. Drive strategic leadership and represent cybersecurity at key forums, risk meetings, steering committees. Work collaboratively with the Information Management team in the implementation of ISO2007 information standard. Facilitate a cyber security cultural change across QCS, and act as a thought leader by continually communicating the strategy and vision. As part of the Digital Services and IT Group leadership team, you will: Contribute to the development and implementation of a QCS Digital Strategy and ICT roadmap and ensure the team's services are delivering to QCS expectations and service targets and whole of Government policies, strategies and direction. Provide strategic leadership that creates a shared understanding and commitment to achieve organisational goals and objectives and encourage a culture of customer service. Provide high level quality advice to executive management, influencing the effectiveness of the department's business processes and ensuring the efficient and effective management and delivery of ICT business systems and solutions. Develop strong working relationships with internal and external key stakeholders to facilitate improved business outcomes for the department and whole of government. Develop the capacity of others through effective mentoring, coaching and professional development and motivate highly professional and accountable multi-disciplinary teams. Strategically use and manage financial, human resources and ICT resources to deliver against agreed projects and plans on time and on budget, by focusing on efficiencies through innovation. Occupational group IT & Telecommunications Seniority level Director Employment type Full-time Job function Information Technology • Public Safety #J-18808-Ljbffr