Job Ad

The Aged Care Quality and Safety Commission (the Commission) was formed on 1 January 2019. We work to improve the lives of older people by maintaining the integrity of the aged care system.

As the single independent regulator of Australian Government aged care services, we offer a variety of interesting and challenging jobs across most capital cities.

It is an exciting time to join the Aged Care Quality and Safety Commission, with major reforms underway to improve aged care in Australia. You will be contributing to our role as the national regulator to safeguard and protect older Australians receiving aged care services.

The Cyber Team

The Cyber team within the Digital division are here to safeguard our digital assets, information and infrastructure by leading the implementation and monitoring of robust security measures, policies and practices to protect against unauthorised access, data breaches and cyber-attacks.

ITSA – IT Security Advisory Team role is to provide expert guidance and insights to ensure compliance with regulatory requirements and enhance cyber security awareness within the Commission and engage with partners to identify emerging threats and industry trends to proactively identify and mitigate risks.

Purpose of position:

The Assistant Director, Data Security Specialist is a pivotal technical and leadership role within the Commission, responsible for strategic security oversight of core data storage, processing, presentation and governance layers. Reporting directly to the Chief Information Security Officer (CISO), this role is instrumental in preparing for, directing, and responding to cyber security incidents and threats. The Assistant Director will perform in-depth analysis and investigations of data security incidents across the Commission -managed platforms and work closely with vendors to ensure continuous alignment with the Commission's cyber security objectives. 

Key Accountabilities

The duties of the Assistant Director, Data Security Specialist include, but are not limited to: 

• Leadership and Management 
  • Lead and manage the Data Security function, ensuring visibility, delivery and enhancement of the Commission’s data platforms. 
  • Provide leadership and direction, setting future strategies and guiding staff learning and development on data security. 
• Incident Response and Management 
  • Develop and implement action plans in response to cyber security events. 
  • Escalate and coordinate the identification and response to potential malicious activities, including recovery and forensic evidence with relevant stakeholders. 
  • Plan, manage, and coordinate proactive incident responses to cyber threats and intrusions across The Commission. 
• Data Platform Oversight 
  • Oversee the security posture of The Commission data platforms, including data storage, transmission, processing, presentation and represent security posture in data governance layers. 
  • Liaise with vendors and coordinate revisions to service agreements to ensure alignment with The Commission’s Information Security Management System (ISMS) and compliance efforts. 
• Stakeholder Engagement and Collaboration 
  • Engage with the Australian Cyber Security Centre (ACSC) and other relevant bodies to enhance the organisation’s cyber resilience. 
  • Develop and maintain effective relationships with internal and external stakeholders, ensuring open communication and collaboration on security matters. 
• Monitoring and Evaluation 
  • Monitor and evaluate emerging data and cybersecurity threats and trends, implementing appropriate measures to address them. 
  • Support the organisation's compliance with relevant regulations and standards, including ISO 27001, PSPF, and other applicable frameworks. 
• Security Awareness and Education 
  • Promote a culture of security awareness and education throughout the organisation, ensuring all staff understand their roles in maintaining security. 

Key   Capabilities

• Stakeholder Relationships 
  • Demonstrated ability to build productive working relationships with stakeholders to ensure effective communication and collaboration across the organisation. 
• Leadership and Direction 
  • Proven ability to provide leadership and direction to team members, defining and setting future strategies and guiding staff learning and development. 
• Operational Support 
  • Possess the expertise and knowledge to manage, deliver, and implement prioritised requests to ensure the best outcomes for the Commission, aligning with quality and operational support standards. 
• Ownership and Accountability 

• Demonstrated ability to take ownership and accountability for assigned areas of responsibility, ensuring work is performed according to agreed standards. 

• Communication and Influence 
  • Possess strong communication and influencing skills, with the ability to create clear written and oral communication tailored to the audience. 
• Operational Management 
  • Proven experience in overseeing the day-to-day operations of the team, ensuring incidents and problems are managed in a timely manner. 
• Knowledge and Guidance 
  • Demonstrate extensive knowledge and understanding of data and cyber frameworks, legislation, policies, and procedures to guide the team effectively. 
• Analytical and Problem-Solving Skills 
  • Possess strong analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions. 
• Proactive Risk Management 
  • Exhibit a proactive approach to identifying and addressing security risks, ensuring the organisation’s information assets are protected. 
• Continuous Professional Development 
  • Illustrate a commitment to continuous professional development and staying abreast of the latest cybersecurity trends and technologies. 

Key Relationships

Internal:

Cyber Director, Digital Group, Commission’s Directors and other Commission stakeholders as required.

External:                         

External stakeholders as required