Description
My client a leading Cork based company has an urgent requirement for an Information Security & Data Protection Manager. This is an initial 6 - 9 month contract position with the potential for future internal opportunities
The IS/DP Manager is responsible for the delivery and implementation of a professional information security and data protection service. This role will provide assurance around the areas of Security Awareness, service providers, internal Information Security controls and Data Governance. While technical information security controls will be delivered by the IT Function, the role will liaise closely with IT in agreeing requirements.
Responsibilities
- Development and implementation of a strategy that is aligned to the key objectives of the business;
- Provision of an information security & data protection service to the business that is designed to deliver on the IS/DP Mission;
- Protect business information assets through the identification, assessment, monitoring and reporting of information security/data protection risks including the assessment of emerging obligations and technology risks;
- Development and execution of an assurance plan over the critical information security/data protection risks facing the business;
- Through the development of a data governance process embed and co-ordinate information; security/data protection activities within the people/processes/systems of each function of the business
- Maintenance of information security policies, procedures and standards;
- Provision of training and oversight to all employees, contractors or other third parties, ensure proper information security in accordance with established organizational information security policies and procedures;
- Assessment of vulnerability of systems and infrastructure to information security threats;
- Monitoring of information security, including compliance with policies, procedures and controls;
- Managing response to any security incidents which may arise;
Experience Required
- CISA (Certified Information System Auditor), CISM (Certified Information Security Manager)
- Experience of managing information security in large scale organisation
- Experience with ISO 27001 framework.
- Experience with Data Protection Act 1988 and 2003.
- Strong risk framework knowledge and experience in running risk analysis testing
- Strong experience in the areas of assurance, compliance and governance
- Knowledgeable on security access technologies
- Understanding of information security processes and techniques (eg application and operation system hardening, vulnerability assessments, security audits, TCP/IP, intrusion detection systems, Firewalls, basic cryptography etc)
- Experience with identifying improvement opportunities, generating ideas and implementing solutions
- Have excellent analytical skills and be able to identify and analyse problems and potential improvements, and propose and implement solutions
- Ability to set up ongoing procedures to collect and review information as needed