International Company with a central Dublin base require an ICT Security & Governance Manager to take ownership of ICT Security Services and solutions ensuring security controls are effective and appropriate.
Key Responsibilities
- Lead in all aspects of planning, execution and reporting for ICT controls, PCI compliance, Information security and auditing
- Design, advise and guide on the development of controls in line with service introduction to ensure all new and improved services comply with the ICT controls framework
- Ensure ICT control tests are competently delivered, identify control issues/exceptions and ensure they are, well defined and that root causes are analysed, and addressed.
- Ensure appropriate reports on incidents, events of interest and control failures are carried out, analysed and documented
- Governance of ICT security processes, policies and procedures, risk management and disaster recovery
- Provide ICT Security advice, guidance and support for projects
- Maintain a programme of continuous monitoring, scanning and testing to provide assurance that ICT Security standards are being adhered to
- Effective Risk Management covering development and implementation of risk assessment methodologies; performing risk assessments and recommending effective mitigating controls
- Monitor vulnerability assessments and ethical hacks, ensuring that issues are addressed
The incumbent will take ownership of the following areas within the ICT Security and Governance space
Continual service Improvement,
Reporting
Partner / Vendor management
Commercial / Financial
Participate in appropriate commercial negotiations
Support budgetary management of ICT Capex and Opex
Documentation and standards
Leads with the creation and maintenance of the necessary level of process documentation
Requirements
- A seasoned IT Security professional with solid ICT Security management, and significant experience in Security Operations
- Familiarity with the tools and techniques used by ethical hackers including vulnerability scanners and network mapping tools an asset
- Professional designation relating to Information Security (e.g. CISSP, CISM, CISA) is an advantage
- Good knowledge of ICT standards and methodologies including ISO 27k, PCI DSS, COBIT, ITIL, etc.
Personal attributes,
Strategic awareness and ability to shape the short, medium and long term strategy for IT Security.
Exceptional ability to motivate and influence key contacts and decision makers
Excellent verbal and written communication and presentation skills
Experience in creating a high-performance culture, performance evaluation and employee engagement.
Project Management capabilities with ability to plan, initiate, monitor and implement projects within a tea