Why Queensland Fire Department?

At QFD, information security is not just a technical function - it is a critical enabler of frontline emergency services that protect Queensland communities. The Cyber and Information Security Branch ensures QFD's information and data assets are trusted, secure and fit for purpose, enabling informed decision-making, compliance and operational readiness across the organisation. This role offers a rare opportunity to shape how information security is understood, embedded and valued across a large, complex emergency services organisation.

Your opportunity

As Principal Advisor Information Security (AO7), you will lead the development and maturity of QFD's information security policy, standards and Information Security Management System (ISMS). Reporting to a highly experienced Executive Manager, you will be trusted to own your role, take the lead on ISO/IEC 27001, and translate complex cyber and information security concepts into clear, practical guidance for non-technical leaders and stakeholders. This role suits someone who enjoys explaining why security matters - not just what needs to be done.

What you will do

- Lead the development, implementation and continuous improvement of enterprise-level information security strategies, policies, standards and guidelines aligned to the ISMS
- Take ownership of ISO/IEC 27001 and the ongoing maturity of QFD's Information Security Management System
- Provide strategic, practical advice on contemporary cyber and information security risks and their business impact
- Translate complex technical security concepts into clear, accessible advice for executives, leaders and non-technical stakeholders
- Design and deliver information security education and awareness material to build organisational capability
- Build strong relationships across ICT, information management, business units and external stakeholders
- Prepare high-quality briefs, reports and submissions to support executive decision-making
- Represent QFD in information security forums, working groups and interstate communities of practice

What you will bring

- Demonstrated experience developing and implementing information security frameworks, strategies, policies and standards in complex environments
- Strong capability in cyber security risk assessment and governance
- Proven ability to communicate effectively with non-technical stakeholders and senior leaders
- A collaborative approach that builds trust, influence and shared ownership of security outcomes
- Knowledge of, or qualifications in, ISO/IEC 27001 (Lead Implementer or ISMS implementation highly desirable)
- Relevant certifications such as CISA or CISM (highly regarded)
- You will model QFD's values of Respect, Integrity, Trust, Courage and Loyalty.

QFD are proud to be recognised as an employer of choice for women by Work180 and celebrate all diversity by committing to a culture where people feel safe, respected, valued and engaged.

Why join us?

- Learn from highly experienced and respected information security leaders
- Own and shape the organisation's ISO/IEC 27001 and ISMS journey
- Make your mark in a role with genuine autonomy and influence
- Protect Queensland communities by strengthening the security that underpins frontline services
- Participate in interstate communities of practice and collaborate with peers nationally
- Build your professional profile and reputation while representing QFD at senior forums

How to Apply

To apply for this role, please action the following steps:

1. Submit a current resume outlining your work history and achievements
2. Submit a cover letter (maximum two pages) addressing the key capabilities and your suitability for the role
3. Submit any mandatory qualifications or checks listed in the Position Description

Applications must be submitted online through the QFD recruitment system, Nexus, by clicking the green Apply Online button. Applications will remain current for 12 months, and applicants may be contacted for future opportunities.