Senior Information Security Risk Analyst

Senior Information Security Risk Analyst Image
Senior Information Security Risk Analyst




Ref: E9844SD

Job Description

My Dublin-based client requires a Senior Information Security Risk Analyst to assist their Head of Information Security and their team.

Job Responsibilities

  • Develop, update, implement and maintain a Governance, Risk and Compliance framework.
  • Develop supporting policies, procedures, standards and technologies across the company and its various divisions and business enterprises to implement the framework.
  • Define security requirements and act as a security specialist for IT and Business projects.
  • Assess and report on internal compliance with company policies and standards
  • Develop and provide supporting awareness training for employees
  • Maintain and mature the existing third-party management governance framework
  • Annual review of the third-party risk register
  • Evaluation of new third parties
  • Engage with business owner(s) of the third-party relationships in respect of onsite audits
  • Conduct onsite audits of third parties to determine their compliance with information security best practices and, where relevant, security controls in contract clauses
  • Liaise with the company’s Data Protection Team in relation to GDPR compliance and third-party management
  • Oversee and assist in the scoping, completion and implementation of recommendations arising from third party information security specialist and/or external audit reviews
  • Support the business, IT and Information Security Team during internal and external audits
  • Support the Head of Information Security and Information Security Team during an incident
  • Conduct technical and procedural assessments of the company’s systems, applications and business activities as requested by the Information Security Manager, followed by formal reporting and tracking of remediation activities to completion

Essential and Desirable Skills

  • Strong attention to detail
  • Sound understanding of information security concepts and technologies such as encryption of data in transit and at rest, security information and event management, identity and access management
  • Experience of completing external audits and reviews
  • Good understanding of security concepts for Cloud based services based on PaaS, IaaS, SaaS
  • Knowledge of perimeter security controls – firewall, IDS/IPS, network, access control and network segmentation, router, switch and VLAN security; wireless security, security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies and network security architecture development and definition
  • Knowledge of third party auditing and cloud risk assessment methodologies
  • Natural technical curiosity and enthusiasm for technical detail, with a strong drive for self-learning
  • Motivated, high energy, with the ability to work under own initiative and with others to get things done

Experience Required

  • Security certification, or equivalent professional experience such as CISSP or third level qualification in Information Security or related field or equivalent qualification or work-related experience.

Working Hours & Benefits

  • 21 days annual leave
  • Pension
  • Bonus

How to Apply

If you are interested in this role, then please Apply along with your updated CV and I will be in touch with you to discuss your application in more detail, otherwise feel free to connect with me by whichever medium you are most comfortable with be that Linkedin, Email or Telephone. Remember we have limited our site to a maximum of 200 Jobs so if this Role is not a 100% match to your requirements please be sure to connect with us as we will most likely have another role which you may find more suitable.

Apply for Job

Not what you're looking for?

If this isn't the job for you then why not reach out to one of our consultants today and send us your CV so we can find the one that is?

Reach out to a Consultant