Job Description
Information Security Manager (Governance, Risk, Compliance) 6 Month Contract Initially with scope for extension Location: Dublin 1 Hybrid Work Pattern: 50/50, initial stages of contract requires 3 days onsite then 2 days thereafter. Day Rate: Circa 550 eur Role Purpose The Information Security GRC Manager (GRC Manager) will lead the Governance, Risk, Compliance (GRC) team, overseeing the implementation of security policies, procedures and controls to protect the organisations information assets. The GRC Manager is responsible for overseeing and managing Information Security governance, risk management and compliance programs. The GRC Manager playing a key role in Information Security risk management and IT audit activities. The GRC Manager will also support the Head of Information Security in managing the organisations cyber security program, acting in a Deputy Head of Information Security capacity to cover period of leave. Responsibilities Lead the GRC team, to develop governance and compliance processes to provide oversight and reporting on key controls and risk measures. Further develop security control framework to measure security controls, ensuring they are operating as needed and any deviations are known and resolved, improvements identified and implemented. Monitor and ensure compliance with regulatory requirements, industry standards and internal policies. Enhance the current security risk assessment and risk management activities. Prepare and present reports on security metrics, incidents, and compliance to senior management. Support both internal and external audits as they arise as well as conduct security reviews as required under the 3rd Party Supplier Risk Framework, Tender processes and RFQs. Collaborate with GTS and other departments to integrate security into all aspects of the business. Lead and mentor team members across multiple Information Security domains. Support the Head of Information Security in managing the cyber program, acting as a Deputy Head of Information Security when required. Knowledge & Experience Ideally you will have a masters in information security, or related field and relevant professional certifications such as CISSP, ISSAP, CISA, CRISC, CISM, CGEIT are also a distinct advantage. A minimum of 10 years relevant experience in Information Security with a particular focus on Governance, Risk, Compliance, is required. Experience of leading a multidimensional and complex ISO certification programme is required and while not essential a background in Financial Services will be a distinct advantage. You will also have a strong understanding of new and emerging technologies. Excellent understanding of regulations such as NIS2, GDPR and CBI Guidelines. Excellent understanding of frameworks and standards such as NIST 2.0, CIS, PCI-DSS, ISO, PSD2. As an accomplished leader, you are adept at motivating and developing teams, demonstrating exceptional stakeholder management capability, harvesting, fostering and maintaining quality relationships. Critical Competencies The following competencies are critical to the delivery of results and/or to superior performance in this role: Attention to detail Decision making/judgement Leadership Influencing and gaining commitment Technical/professional knowledge Skills: Governance, Risk, and Compliance (GRC) Management Leadership and Stakeholder Management Regulatory Knowledge Security Risk Management Benefits: Work From Home