Description: IT Security Risk & Compliance Officer

Overview:

The IT Information, Risk & Security Officer is responsible for the ongoing management of information security, policies, procedures and technical systems in order to maintain the integrity, confidentiality, availability of our systems. Also works on multiple cross-functional and enterprise-wide projects that are strategic in nature. Typical areas of responsibility include:

Job Description:

- Identification and assessment of Information Security (IS) risks
- Co-ordination of IS activities
- Responsibility for ensuring that IS policies and procedures are up-to-date, comprehensive and communicated as appropriate
- Provision of a security awareness program and promotion of security awareness throughout my client
- Assessment of technical vulnerabilities in systems and infrastructure
- Monitoring of IS, including review of system logs, legal compliance and compliance with policies and procedures
- Reporting on IS performance to senior management
- Managing organisation response to IT and IS related security incidents
- Responsibility for DR planning
- Data Protection

Key Duties/Responsibilities:
- Responsible for implementing, managing and enforcing information security directives as agreed by Head of IT
- Ensure the ongoing integration of information security with business strategies and requirements
- Ensure that the access control, disaster recovery, business continuity, incident response, and risk management needs of the organisation are properly addressed.
- Lead information security awareness and training initiatives to educate workforce about information risks.
- Perform ongoing information risk assessments and audits to ensure that information systems are adequately protected and meet best practice (ISO27001) standards.
- Work with vendors, consultants and other third parties to improve information security within the client
- Lead an incident response team to contain, investigate, and prevent future computer security breaches
- Lead data protection employee awareness programmes; ensure adequate training initiatives to educate workforce are in place to manage data protection risks.

- Management of Data Access requests and point for contact for investigations and audits.
- Serves as primary consultant or project leader for IT Audit, External Audit, Risk Assessment or other third parties reviews.
- Responsible for Business Continuity Planning - develop and maintain a companywide business continuity program that addresses disaster recovery, business recovery and emergency response management
- Develop, produce and update BCP/DR materials and documentation (e.g., plans, emergency response procedures, call lists, test results, etc.). Plan and coordinate all business continuity technical and user testing. Liaise with Business Continuity Coordinators to develop effective working relationships. Perform risk analyses for functional areas to identify points of vulnerability, single points of failure and identify risk avoidance and mitigation strategies

Knowledge, Skills, Competencies:
- IT Degree | Professional Qualification
- CISSP (Certified Information Systems Security Professional)
- Minimum of 7 years experience working in the Financial Services Sector with relevant technical and business work experience.
- Significant experience and knowledge in new computing architectures and implementation of networked computing structures; experience with internet development and implementation.
- Previous experience in business process re-engineering or process improvement, involving broad based information systems, utilising tools and techniques to affect business change; business systems analysis experience.
- Experienced in the management of both physical and logical information security systems
- Strong technical skills (application and operating systems hardening, vulnerability assessments, security audits, intrusion detection systems, firewalls etc).
- Outstanding interpersonal and communication skills.
- Must possess a high degree of integrity and trust along with the ability to work independently.
- Excellent documentation skills.
- Ability to weigh business risk and enforce appropriate information security measures.
- Attend conferences and user groups; belongs to professional organisations


Academic Qualification: Computer Science Degree

Remuneration Package:
Very attractive Remuneration Package.

Description: My Dublin City Centre client are currently recruiting for a Information Security Risk Analysis Role.

Role Description
This unit is responsible for the management of, and provision of expert advice on, the selection, design, justification, implementation and operation of technology and information security controls and security management techniques relating to any aspect of information systems.
A vacancy exists within this function for an Information Security Specialist.

Applications are invited from suitably qualified candidates with 2-5 years experience in the delivery of Information Security services. A recognised Information Security qualification such as CISSP would be an advantage.


Responsibilities

1.Provide advice and guidance to IT and Business areas on the application and operation of security controls, including legislative or regulatory requirements.

2.Provide guidance on all aspects of security policy and standards, and contribute to the development of standards.

3.Co-facilitate Information Security risk assessments. Prepare appropriate technical overviews of systems under review to support the risk analysis. Assist in the preparation of recommendations of appropriate action to IT and business management based on the analysis conducted.

4.Conduct information security control reviews, under the guidance of more experienced or specialised practitioners as required. Recommend appropriate action to IS and business management

5.Deliver and contribute to the design and development of specialist IS security education and training to IS and system user management and staff.

If you are interested in this role can you please send in an Updated CV to peter@eolas.ie or call 01 286 6666

Description: My Dublin City Centre client is currently recruiting for Information Security Operations Specialist.

Applications are invited from suitably qualified Information Security professionals with at least 2 years experience. A CISSP or other recognised Information Security qualification is strongly preferred.

Responsibilities

1.Control the operational monitoring, recording, investigating and reporting within IT Security Operations and report on all security exceptions. Conduct investigations of operational problems and make proposals for improvement.
2.Inform and guide users when defining their needs for all security rights and privileges.
3.Operate and manage logical security access controls across platforms to ensure a continuous and secure access service to IS facilities.
4.Vulnerability Management across multiple platforms
5.Management and co-ordination of security related incidents
6.Operation of the security event management process
7.Provision of cryptography and certificate services
8.Participate in the evaluation of new security technology and functionality to identify opportunities for service improvement and compliance with existing operational procedures.
9.Provision of technical security advice and guidance on Security Operations to change projects as appropriate.
10.Support and participate in the development of technical security standards
11.Assist in the development and expansion of a best practice approach to IT security operations across the enterprise.

If you are interested in this role please send an Updated CV to peter@eolas.ie or call 01 286 6666