My client is a financial services company based in Dublin 2. They have a brand new opening for an IT Security Manager to join their team on a 23-month Fixed Term Contract with the potential to go permanent.
The Information Security Manager will have day-to-day responsibility for all aspects of Information Security, ensuring that appropriate levels of security are in place across the organisation. They will also be responsible for coordinating the company’s response to security-related matters, including assessing risk, drafting and delivering Information Security assurance, as well as regulatory compliance and adherence to industry best practices. This position would suit an experienced IT Security Specialist/Officer looking to move up to the next level in their career. They will be able to communicate effectively and have the ability to influence and inform senior management regarding cybersecurity and other Information Security threats.
- Take ownership of the co-ordination and hands-on delivery of the IT & Cyber Risk continuous improvement program.
- Own the Information Security Management System and associated documentation, including updating this regularly and ensuring the necessary controls are operated to monitor and achieve compliance with the requirements.
- Develop Information Security standards, procedures, training and guidance.
- Assess and continually review the cybersecurity posture of the organisation, working with the IT Leadership team to ensure alignment to strategy.
- Work closely with the Head of IT to ensure appropriate cybersecurity systems and controls are in place, monitored and tested.
- Develop, deliver and maintain a KRI reporting suite for Information Security risks.
- Collaborate with other lines of defence teams to manage Information Security risks.
- Investigate and report upon Information Security incidents that arise within the organisation.
- Provide security expertise and technical assistance for the evaluation, selection and secure deployment of new IT systems.
- Hands-on management of day-to-day security tasks such as security incident management, User access reviews, Risk Treatment plans and Stakeholder Reporting.
- Serve as an approval member of the Change Approval Board, applying a security lens to prospective business changes.
- Act as the reference point for all Information Security audits undertaken by lines of defence teams, coordinating audit activities, managing responses and closing out issues identified.
- In conjunction with the IT Leadership team, maintain a 3rd party Information Security audit process and carry out regular Information Security audits on 3rd party suppliers.
Skills & Experience:
- Bachelor's degree in Computer Science or other science or engineering discipline. An advanced degree would be an advantage.
- At least 5 years’ experience in a hands-on Information Security role.
- Must possess a general understanding of information security risk management, such as ISO/IEC 27001:2013, Octave-Allegro, ISO/IEC 31000, ISF iRAM2.
- Must have prior experience in designing solutions and controls for regulated environments and must possess awareness and knowledge of SOX, COBIT, SSAE-16 SOC 1 & 2, ISO/IEC 27001:2013, EU GDPR and/or NIST CSF standards, PCI DSS Compliance.
- Extensive knowledge of cyber security technologies, technical security policies and security control mechanisms; experience with cloud security (Azure) is also desirable.
- Understanding of, and practical experience of applying, the Data Protection Act, the Freedom of Information Act and other related legislation, standards and codes of practice, e.g. EU GDPR, PCI DSS.
- CISSP, CISM (or similar qualifications).
If you are interested in this opportunity, please apply with your CV highlighting your relevant skills and experience.