Cyber Security

Cyber Risk & Assurance Advisor (Intermediate Role)

Responsibilities

• Cloud Security readiness assessments and development of Cloud Security Strategy
• Plan, execute and translate client requirements throughout the engagement
• Evaluate the design and the effectiveness of clients current security controls from a Risk, Compliance and Assurance perspective
• Ability to communicate clearly in written and presentation form
• Customer focus, understanding customer needs
• Identify opportunities for improvement for the customers whilst liaising with our Sales team to develop a potential lead for our technical services
• Data Security and Protection knowledge with alignment to the clients’ environment
• Security Policy framework development and implementation with alignment to best practise standards
• Effective Risk Management covering development and implementation of risk assessment methodologies; performing cyber risk assessments and recommending effective mitigating controls
• Guidance on the protection of information assets from all types of risks
• Preparing advice and assistance for client security audits and assistance with internal and external audits
• Understanding of and achieving regulatory requirements where required by specific industries
• Travel (national and international) may be required as part of this role, and as such a clean driving license and access to a car are essential
• Developing and supporting the implementation and continuous improvement of the controls framework, including policies, processes and procedures to comply with best practise standard
• Good understanding of the activities of the IT Incident, Problem and Availability Management; supporting and advising in the delivery pf of processes supporting key system
• Advising on initiatiation and lead service protection teams in response to repeat or persistent issues ensuring the correct level of focus and engagement to effectively manage the proces
• Advise on managing and provide guidance to the leaders of the governance forums within IT Service Management in relation to problem and incident service analysis and revie
• Provide independent, objective assurance to assess whether IT control objectives are established, risks are appropriately identified and managed, internal controls are in place to achieve management’s objective
• Design, advise and guide on the development of controls in line with service introduction to ensure all new and improved services comply with the IT controls framewor
• Ensure full and continued alignment of the processes within IT function to ITIL andISO27001 framework or other standarisations
• Advisory of developing and optimising controls in line with the ISO27001 standard, CobIT and other security framework
• Basic knowledge of IT Infrastructure and IT Operating models

Requirements

What is required by you: 

• 3 years + in an information security, risk or compliance related role, Information Security Officer or Cyber Security Consultant role
• Third Level Degree or Industry Certification Desired but not necessary (Currently undertaking certification will also be considered) CISSP, CISM or equivalent highly desirable

Experience

What you will bring to us:

• Energy, passion and a desire to learn
• Excellent written and spoken communications skills and ability to deliver strong presentations to “C” level and technical audiences.
• Excellent listening skills are essential so that you can communicate with the client, empathise with their situation and be able to demonstrate your understanding of their issues
• Flexibility in working methods and times (role may require you to work extra hours should the client call for it)
• The traits you will have are: honesty, positive, confident attitude, integrity, respect, support and helping others, likability.
• Fluent English communicator
• An ability to work with limited guidance but also as part of a mixed skilled team
• Ability to understand technical requirements and functionality
• A good working knowledge of information security frameworks and standards would be extremely beneficial
• Exposure to working with other requirements (SoX, Regulations, DP Act) would be very advantageous
• Ability to see the big picture and also have a keen eye for detail in different situations while making sure the message is clear and understood by all levels within a business
• A desire to start new projects, significantly contribute to on-going projects and deliver all projects to closure

What would be nice to have:

• Strong knowledge of IS and risk principles; IT audit, Business audit or Compliance experience with a desire to develop in the IT/IS sector

What would be really nice to have:

• Clear and conscise business writing skills
• CISSP, CISA, CISM, ISO27001 (Implementer or Lead Auditor), QSA (PCI-DSS), GIAC
• Experience of working in a variety of technology components e.g. UNIX, Windows, Network Architectures, Network Security, BC/DR Solutions, CSIRT

More Info

What we will provide for you:

• Opportunity to gain experience and knowledge in a key field of expertise
• Further educational and training to enhance your skillset
• Opportunities to expand you experience by learning new products or getting involved with internal projects
• We empower you to make your own Information Security or IT history by working with some of our market leading clients
• A leadership team who have a worthwhile mission and who excel at that mission.
• A chance to work with one of the market leaders in Information Security companies (Winner of the AIB Enterprise of the Year Award 2013, Nominated for EY, EOY 2015)
• A company that is going from strength to strength with significant growth plans that we are achieving