Job Description
Information Security Governance SpecialistThe Information Security Governance Specialist is responsible for developing, implementing, and maintaining information security governance processes and frameworks within the organization. This includes establishing procedures that adhere to policies, defining roles and responsibilities, and ensuring compliance with relevant laws, regulations, and industry standards.Information Security Governance Specialist Business Accountabilities include:Maintain and evolve an information security governance framework, including policies, procedures, standards, and guidelines.Own, operate and evolve the Information Security Awareness process.Feed into and inform the evolution of the firm’s Information Security strategy.Coordinate and conduct risk assessments to identify and prioritize information security risks, identify potential vulnerabilities and recommend appropriate controls to mitigate risks.Monitor the organization's compliance with information security requirements and on the effectiveness of the information security program and report findings to senior management.Work closely with key stakeholders to ensure that information security processes are aligned with the organization's overall goals and objectives.Collaborate with key stakeholders and cross-functional teams to identify, address and resolve information security issues.Provide guidance and support to employees on information security matters.Ensure compliance with industry regulations and standards such as ISO 27001, DORA and the GDPR.Respond to Information Security related queries from internal and external stakeholders (including audit and regulators).Qualifications and ExperienceBachelor's degree in a relevant field (e.g. Computer Science, Information Systems, Information Security) or equivalent work experience is preferable.Professional certifications in information security governance, such as CISSP, CISM, or CRISC, are highly desirable.Strong understanding of information security related laws, regulations, and industry standards, such as ISO 27001.Demonstrated experience in developing and implementing information security programmes.Experience of financial services regulatory environment would be an advantage.Knowledge of data governance & data security programmes is a plus.Experience working in a hybrid environment is a plus.Ideal CharacteristicsHighly motivated professional with a commitment to high standards and good understanding of governance, information security and risk management.Excellent interpersonal skills with the ability to influence and challenge people.Drive and determination, self-starter, can work unsupervised and as part of a team.Confident and self-assured, displays sound judgement.Excellent communicator with strong oral/writing/organizational skills.Very high levels of accuracy and attention to details are mandatory.Someone seeking opportunities in a fast-growing business.Goodbody is an equal opportunities employer and is committed to fostering an inclusive workplace which values and benefits from the diversity of our workforce. #J-18808-Ljbffr