The Role :-
· Support and advise on Information Security Management System (ISMS) and associated controls;
· Support and advise on management of risk and provide a transparent view of risk posture to stakeholders;
· Support and advise on compliance with relevant control standards, regulation and audit requirements;
· Provide Information Security Risk Assessment function to the business.
· Responsible for the oversight and monitoring of riskin line with the ISMS;
· Collaborates with security and audit teams to ensure controls are operating in line with policies.
Key Responsibilities :
- Document and monitor risk and control environment to identify existing and emerging risks and issues;
- Evaluate and document issues related to changes in the risk environment and risk priorities;
- Identify and aggregate thematic risk related to findings and trends, e.g. regulatory preparedness, thematic concerns;
- Engage Internal Audit to discuss risk posture and audit inputs;
- Communicate heightened risk that is relevant to stakeholders and customers to ensure transparency and appropriate prioritization for remediation;
- Understand legal and regulatory obligations relevant to the product and how the processes and associated controls provide evidence of compliance;
- Partner with business stakeholders to respond to customers, external audit and regulatory requests for information;
- Educate and advise on security policy, standards and procedures;
- Manage and maintain external certification activities.
Required Skills, Qualifications, and Experience :
- Working within the technical financial services industry, or other highly regulated industries
- Information security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR;
- Information technology systems and processes, network infrastructure, data architecture, data processes and protocols;
- Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF;
- Information systems auditing, monitoring, controlling, and assessment process;
- Incident response management, e.g. ITIL;
- Risk assessment and management methodology, e.g., NIST, ISO 27005;
- Security training techniques and reporting activities.
- Developing and implementing enterprise governance, risk, and compliance strategy and solutions;
- Researching and understanding security information related to internal and external organizations using online and other sources;
- Management of technology vulnerability and threat information;
- Security project management and planning;
- Risk management, information security and audit management lifecycles.
About ION :
ION is a global software company, headquartered in Dublin, but with a global presence. Our customers are the world’s largest companies, who rely on us to perform mission critical services every day. So, no pressure!
We have over 10,000 employees and offices in more than 40 cities around the globe, but we’re only getting started. As the leading consolidator in our space, we have been acquiring companies to add to our scale and product portfolio at a rapid rate.
Get notified for similar jobs
Sign up to receive job alerts