For government has transitioned to using the Queensland Government design system. If you have feedback, please use the form at the bottom of this page.

Learn more

Help shape the For government website by joining our user research panel.

Register now

Skills framework for the information age (SFIA) role profiles

Security analyst

Description

A security analyst is responsible for ensuring the collection, processing, preservation, analysis and presentation of evidence in support of vulnerability mitigation and information security incident investigations. The security analyst also responds to computer security incidents in line with internal protocols. Advice and guidance will be provided to staff for handling information security incidents. The security analyst will work closely with security specialists to ensure that appropriate controls and standards are adhered to allow appropriate access to information and prevent malicious attacks.

It is recognised that for effective service delivery to the customer, the organisation needs to create a balance between the need to protect information security, with the need to have access and information exchange to facilitate service delivery to their clients. A sound appreciation of the environment and sensitivity of information is central to this role. The security analyst will also work with the policy officer in developing policies that that provide users with guidelines that assist in ensuring information is stored and accessed in a safe way.

A security analyst exhibits a combination of capabilities from the Skills Framework for the Information Age (SFIA) and from the Leadership competencies for Queensland.

SFIA profile

Within the SFIA profile, the security analyst has level 5 capabilities, i.e. ensures and advises on the skills outlined below.

Refer to the framework for descriptions of the seven levels of responsibility and accountability.

SFIA skill

SFIA skill code

SFIA skill level of responsibility

SFIA skills level descriptor

Security operations

SCAD

5

Oversees security operations procedures, ensuring adherence and effectiveness, including cloud security practices and automated threat responses.

Reviews actual or potential security breaches and vulnerabilities and ensures they are promptly and thoroughly investigated. Recommends actions and appropriate control improvements.

Ensures the integrity and completeness of security records, ensuring timely support and adherence to established procedures.

Contributes to the creation and maintenance of security policies, standards and procedures integrating new compliance requirements and technology advances.

Information security

SCTY

5

Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.

Contributes to development of information security policy, standards and guidelines.

Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security and recommends appropriate control improvements.

Develops new architectures that manage the risks posed by new technologies and business practices.

Incident management

USUP

5

Responsible for the operation of the incident management process.

Manages incident communications, ensuring all parties are aware of incidents and their role in the process.

Leads the review of major incidents and informs service owners of outcomes. Ensures incident resolution within service targets. Analyses metrics and reports on the performance of the incident management process.

Develops, maintains and tests incident management policy and procedures. Ensures compliance with regulatory requirements.

Digital forensics

DGFS

5

Leads investigations to correctly gather, analyse and present findings, including digital evidence, to both business and legal audiences.

Collates conclusions and recommendations and presents forensic findings to stakeholders.

Plans and manages digital forensics activities within the organisation. Provides expert advice on digital forensics.

Contributes to the development of digital forensics policies, standards and guidelines. Evaluates and selects digital forensics tools and techniques.

Leadership skills

Leadership competencies for Queensland describes what highly effective, everyday leadership looks like in the sector. In simple, action-oriented language, it provides a common understanding of the foundations for success across all roles. The profile describes three performance dimensions (vision, results and accountability) and 11 leadership competencies required against five leadership streams.

Leadership streams are not connected to a level or classification, but rather reflect the balance between leadership and technical skills required of an individual. Individuals can consider the value proposition of roles rather than the traditional lens of hierarchical structures or classification levels. The five leadership streams are:

  • Individual contributor (Leads self and does not supervise others)
  • Team leader (leads a team and typically reports to a program leader)
  • Program leader (leads team leaders and/or multiple areas of work)
  • Executive (leads program leaders or other executives)
  • Chief executive (leads the organisation).

When developing a role description, identify the role type and then focus on the most important attributes and create a balance between SFIA skills and leadership skills.

Entry points

A degree level qualification in information technology or information systems is required for this role.

Last updated:
9 September 2025