Description
Hybrid remote – 2x a week onsite* at Dulin City Center(may have flexibility). Contract role, 6 months initially high expectation to be extended.
- We are looking for someone who needs to design, plan, and execute testing of controls to assess their adequacy and operating effectiveness.
- This is not a hands-on technical role so security operations/engineering or pen testing skills are not needed.
- Someone with 2 – 5 years of experience in security management, audit, controls testing, security gap analysis, etc should be well capable of being successful in this role.
- A high-level summary of the role is for a person to review the Information Security Policy & Standards to identify a series of controls that the business staff in each department will need to define and follow to evidence that they are managing their cyber and technology risk.
- The following are examples of what these might include:
- Ensuring business owners of applications or vendor relationships are aware of and managing the key cyber risks and current controls relevant to them.
- Ensuring entitlement reviews occur in a timely manner.
- Having procedures defined and followed for handling sensitive data.
- Ensuring staff perform induction & annual security awareness training is scheduled and performed on time.
- Reporting & responding to suspected / actual security issues e.g. following up with any staff who are identified as transferring sensitive data out of the business without appropriate approval.
- Working with technology teams that support critical business applications to meet security requirements e.g. security findings are addressed within target timescales.
- Conducting periodic office sweeps to ensure clear desktop policy is adhered to.
- Ensuring periodic meetings with vendors include security topics are discussed and gaps addressed where necessary.
-
GRC background (Governance risk and compliance) with some auditing experience would be good(not a must).
Other Skills
In terms of personal attributes one would need to be able to be a self-starter able to work under their initiative, work well with cross-functional teams, has good influencing & communication skills