**Your Key Accountabilities:
The core capability requirements for this role are:
Provide expert strategic, tactical and operational advice which ensures the confidentiality, integrity, availability, accountability and compliance of all QPS information assets which complies with IS18.
Provide input and assistance to and monitor new projects, strategic and operational plans for security and associated infrastructure within QPS systems and services
Participate in designing, capacity planning, configuration management, administration, change management, documentation and support of security technologies within QPS.
Provide technical leadership and mentoring to a team of information security and access specialist to monitor, investigate, contain, eradicate, recover, document and report on security events/incidents/vulnerabilities.
Critically assess existing IT policies, standards and procedures and develop new policies, standards and procedures as required.
Conduct forensic investigations, risk and vulnerability assessments and develop reports on findings, providing both strategic and tactical advice including recommendations on remediation and mitigation of future risks.Maintain, update and continually expand knowledge of developments and trends within the network and information security industry and evaluate the benefit and applicability to QPS systems.
Technical/ Operational/ Educational experience:
Highly Desirable
5+ years' experience across defensive cyber security capabilities, including exposure to security incident response
3+ years working with network and host-based security analysis, as well as with endpoint detection and response (EDR) tools
Experience in consuming and utilising cyber threat intelligence to improve signal and alert fidelity
Strong background with security incident and event management, and log analytics
Strong risk analysis skills
Strong interpersonal and negotiation skills
Strong verbal and written communication skills
Desirable
3+ years experience in the creation and running of a vulnerability management remediation program
Creation and Maintenance of a Vulnerability Management Standard and Procedure.
Experience with the Rapid7 InsightVM or Nexpose tools.
SFIA Skills
The following technical criteria reflect relevant professional skills and competencies from the Skills Framework for the Information Age (SFIA) Framework relevant to this role:
Level: 5
Skill Code(s)
Information security
Further information can be found on the SFIA site by searching for the 'skill' code (e.g. ITMG) and then referring to the skills listed under the applicable 'level' e.g. level 5.
Applications to remain current for 12 months.
This work is licensed under a Creative Commons Attribution 3.0 Australia License.