Chief Security Officer Chief Security Office, Information and Knowledge Services The Chief Security Officer (CSO) is a new role and will develop and lead a cross-Departmental approach for all aspects of protective security, covering Security Governance, Personnel Security, Physical Security and Information Security (including Information and Information Communication Technology (ICT) security).
The CSO is a transformational change leader, responsible for leading and building a strong security culture where people have a high degree of security awareness and good security practises become an integral part of how we do things around here.
The CSO also assumes the function of Incident Controller in major and emergency situations, in line with DIA’s Incident Management Framework. Reporting to: Deputy Chief Executive, Information and Knowledge Services Location: Wellington Salary range: Corporate Band L
What we do matters – our purpose Our purpose is to serve and connect people, communities and government to build a safe, prosperous and respected nation. In other words, it’s all about helping to make New Zealand better for New Zealanders.
How we do things around here – our principles We make it easy, we make it work Customer centred Make things even better We’re stronger together Work as a team Value each other We take pride in what we do Make a positive difference Strive for excellence
Working effectively with Māori Te Aka Taiwhenua – our Māori Strategic Framework – enables us to work effectively with Māori. We accept our privileged role and responsibility of holding and protecting the Treaty of Waitangi / Te Tiriti o Waitangi.
The Department of Internal Affairs Te Tari Taiwhenua What you will do to contribute As a result we will see
Strategic Leadership DIA has a security strategy and Lead the development and execution of a clear framework that is well positioned protective security strategy, framework and security and fit for purpose. plan to manage departmental risks that set the ELT and Senior Leaders across DIA journey and direction for how security is considered are well informed and advised and embedded into the business. and demonstrate leader led Provide strategic security leadership, advice and approach. assurance to ELT, senior business leaders and the Strong, collaborative and security community within DIA. productive relationships Establish strong, strategic and working relationships developed across DIA and with with ELT, senior business leaders and the security external agencies and community within DIA ensuring a common professional bodies that enhance understanding of the DIA security direction and security culture and practice expectations and promoting good security within DIA. management and leadership. ELT is assured that the Establish strong, collaborative relationships with organisation is covering all areas security leaders from other Government agencies of the security framework and and proactively engage in Government wide security taking a comprehensive and forums. appropriate response to security Establish strong, strategic relationships with the management and management of Government Chief Information Officer and Chief business risk. Privacy Officer and other key AoG stakeholders. Organisational Change Management DIA has a strong security culture Lead the development and execution of the where people have a high degree organisational change management strategy and of security awareness and a implementation plan to raise awareness and engage proactive approach to good the hearts and minds. security practises embedded in all Lead the capability and maturity uplift desired and aspects of DIA’s business from deliver agreed security outcomes and objectives for design through to operations and DIA whilst meeting its obligations to wider governance. government mandated initiatives. The practice of security and Visibly champion the desired security behaviours. incident management becomes part of the way we “do business Provide support to senior leaders and people round here”. managers in effecting the desired culture with their staff and teams. Improving level of security related risks Increased capability and organisational resilience in respect of responding to security and incident management risks.
Page 2 of 6 The Department of Internal Affairs Te Tari Taiwhenua What you will do to contribute As a result we will see
Security Planning and Performance DIA has a fit for purpose security operating model for the Lead the development of comprehensive strategic development of security security objectives, priorities and security plan that capability, cultural change and enable the achievement of the desired culture effective impact to business maturity, capability uplift and business outcomes, outcomes. whilst meeting its obligations to wider government There is a consistent approach to mandated initiatives. good security practise across DIA. Oversee the effective running of the Chief Security Office ensuring regular reviews of the strategic Strategies are in place to documentation and frameworks are completed. continuously improve our security practises across DIA. Provide effective leadership to the governing body for Security & Privacy within the Department. DIA has a risk based security plan Lead the development and implementation of under action and organising protective security policies, procedures, standards trends for better managed and guidelines to form the baseline for DIA achieving security risks its transformation and business as usual objectives. DIA understands new emerging Provide oversight of management of critical risk and security threats and how they threat identification, remediation and establishment might impact the DIA’s risk of protective controls and measures for continued profile. strengthening of all facets of security across DIA. Relevant and effective policies, Provide assurance to Executive Leaders and procedures, standards and Governance bodies that protective security controls guidelines are embedded across and measures are being implemented and effective. the organisation. Develop and implement Security/Risk monitoring Robust security and incident material and report these on a regular basis through management frameworks are in the DIA Governance system. place and working in DIA, supported by appropriate practices and processes. Incident Management Major/emergency incidents are Activate and direct DIA’s response to responded to with urgency, well- major/emergency incidents. co-ordinated with clear direction Assess impact on staff, property, critical business and control. functions and services and the Department’s ELT is assured that responses to credibility. major/emergency incidents are Manage the Emergency Operations Centre and effectively managed. Incident Response team. The business is prepared to Ensure responsibilities under the CDEM Act are met. respond to major/emergency incidents. Manage media and public information. Run twice yearly major incident management simulation sessions.
Page 3 of 6 The Department of Internal Affairs Te Tari Taiwhenua What you will do to contribute As a result we will see
People Leadership and Management Behaviour in line with the Senior Provide context, translate and communicate the Leader profile of the DIA Department’s direction within your team; Capability Framework. Set appropriate directions, priorities and Staff have a clear line of sight expectations for direct reports and agree the work between their work and the programmes, tasks and performance; direction of the team, Directorate Lead and inspire by working with direct reports to set and the wider IKS Group. clear and positive team objectives and line of sight Regular culture and engagement for each staff member for the achievement of those activities are undertaken and objectives. owned by the team. Manage the performance, development and The performance and engagement of direct reports in accordance with DIA development of direct reports is processes and the needs and priorities of the team. appropriately planned and Demonstrate leadership support for all Departmental managed in accordance with DIA initiatives and organisational development activities, processes and business needs. modelling expected behaviours to direct reports to create a desired workplace culture. Financial Management Outputs are delivered on time, Set annual team budget and ensure forecast and within budget and to agreed budget is accurate, monitored and reported on; quality standards. Proactively look at opportunities for cost savings, ensuring value for money in all activities; Ensure all expenditure is within budget and financial delegate policy. Health and safety (for self) A safe and healthy workplace for Work safely and take responsibility for keeping self all people using our sites as a and colleagues free from harm. place of work. Report all incidents and hazards promptly. All requirements of DIA’s Health Know what to do in the event of an emergency. and Safety policy and procedures are met. Co-operate in implementing return to work plans. Health and safety (for team) A safe and healthy workplace for Inform, train and equip staff to carry out their work all people using our sites as a safely. place of work. Ensure prompt and accurate reporting and All requirements of DIA’s Health investigation of all workplace incidents and injuries. and Safety policy and procedures Assess all hazards promptly and ensure they are are met. managed.
Page 4 of 6 The Department of Internal Affairs
Te Tari Taiwhenua
Who you will work with to get the job done
Advise Collaborate with Influence Inform Manage/ lead to Deliver Chief Executive Officer Executive Leadership Team Deputy Chief Executives (DCEs) across DIA General Managers (across DIA) Internal Privacy Officer Directors in Shared Services Branch Strategy and Risk Function Security specific roles across DIA Principal Advisor, Resilience & Recovery External Government Chief Information Officer (GCIO) Government Chief Privacy Officer NZSIS Government Security Forums CSOs across the Government Sector
Your delegations as a manager Human Resources and financial delegations Level C Direct reports 3 (and 9 indirect reports)
Your success profile for this role What you will bring specifically At DIA, we have a Capability Framework to help Experience: guide our people towards the behaviours and Experience in leading significant skills needed to be successful. The core success organisational/transformational change at a profile for this role is Senior Leader. senior level in a diverse, complex and changing business environment. Keys to Success: Experience in delivering strategic business Adaptive leadership outcomes through harnessing virtual teams Driving innovation and transformation across a diverse, complex organisation. Strategic agility Experience in taking leadership action in Political savvy major/critical situations. Empowering people for success Inspiring others through vision and purpose Knowledge: Understanding of the public sector environment. Understanding of governance and frameworks for systems and continual business and process improvement. Understanding of the security challenges facing Government departments and the
Page 5 of 6 The Department of Internal Affairs Te Tari Taiwhenua Your success profile for this role What you will bring specifically drivers behind the implementation of Protective Security Requirements (PSR) is an advantage. Skills: Evidence of excellence in communication and negotiation, especially in complex settings and in a cross-cultural environment. Demonstrated sound judgement in dealing with complex, sensitive or ambiguous issues. Strong stakeholder engagement skills with the ability to establish and maintain a wide range of effective relationships and manage issue resolution. Pragmatic, solution-focused approach with well-developed perceptions and judgement. Other requirements: A relevant tertiary qualification or equivalent knowledge, skills, and experience, and a commitment to ongoing professional development. Able to obtain and maintain a Secret security clearance
Page 6 of 6