E-mail: betterlocaljobs@gmail.com

Technology Consulting (CYBER) – Cyber Risk Manager

Contract @Garniche Jobs UK in IT
  • Dublin View on Map
  • Post Date : July 11, 2022
  • Apply Before : August 10, 2022
  • Salary: $95,000,110,000.00 - $110,000.00
  • 0 Click(s)
  • View(s) 12
  • Share:

Job Detail

  • Job ID 206938

Job Description

OCC are working with a high-end client based within Ireland who are actively looking for a high end Risk Manager to lead their team. Our clients cyber security practice is one of the fastest growing areas of the business with significant ambition for the future through additional recruitment and acquisition. As part of our cyber team, you will be providing cyber risk advisory support and direction to help our clients improve their cyber security posture to respond to the dynamic nature of cyber security threats. You will provide security domain expertise and utilise your business insight to work closely with our clients to advise, design, build and deploy pragmatic security and risk solutions that will provide real and tangible benefits to protect their organisations.

 Key activities for this role include the following:

Identifying industry standards and regulatory guidelines for managing information security in order to minimise the risk of compromise of sensitive business systems.
Leading the development, maintenance, and evaluation of organisational security policies and procedures, and working closely with engineering and operations teams to ensure systems controls meet security requirements.
Managing and following up on the results of audits of system security and remediation efforts.
 Key Responsibilities

Design, implement, and maintain the overall IT/cyber security risk management framework across client organisations
Perform ongoing oversight and monitoring to ensure compliance by clients with the IT/security risk management framework
Support and challenge the assessment of IT and Security risk across all relevant areas of clients and escalate risk and control issues to the clients Chief Risk Officer as required
Design and implement appropriate reporting on IT and Security risk status to the Board and appropriate committees
Report and monitor the status of this to ensure risks remain within risk appetite and escalate any concerns to the clients Chief Risk Officer as required
Support and challenge client’s IT with its ongoing/periodic Risk and Control Self-Assessments (RCSAs) and perform Quality Assurance on RCSAs to feedback any concerns
Help drive the mitigation of key IT/security risks by identifying and recommending changes to policies and procedures, control enhancements, etc. as needed
Maintain awareness of emerging IT/security risks and trends and raise awareness of such risks to the clients' Board, Senior Management, and governance fora/committees as appropriate
Identify relevant IT/security regulations, interpret relevant requirements and disseminate these accordingly in the form of actionable requirements to the client’s functional areas
Provide risk management guidance to client’s business and IT teams on IT Outsourcing requirements and initiatives
Provide interpretation of IT/security-related regulations and guidelines and disseminate this to clients and monitor compliance with such regulations
Develop and monitor IT/security policies and procedures (e.g. IT policy, Information Security policy, Cyber Security policy, Outsourcing policy) and implement a schedule of regular reviews to ensure that policies are kept relevant and aligned to industry expected standards
Work in conjunction with relevant business stakeholders to ensure implementation of operational risk policies, standards, and procedures to achieve effective mitigation and treatment of IT and Security risks
Define, develop and implement appropriate IT/security risk assurance capability and associated risk reporting (including key risk indicators)
Work closely with the Chief Risk Officer to drive the continued development of the IT/Security risk management framework
 Qualifications & Experience

6+ years of experience in IT/Security Risk Management in either a first line or a second line capacity. IT Audit experience is also helpful
Experience in developing and maintaining Technology and Security risk frameworks, policies, and guidance
The ability to develop and foster strong relationships with relevant business stakeholders;
Proven communication skills, ability to work effectively with and influence stakeholders at all levels of an organisation
Strong understanding of technology/security risk and control and the business impacts of these risks, in particular, how they impact clients and their reputation
Strong communications skills, proven ability to work effectively with and influence the actions of stakeholders at all levels of clients. Credibility to influence Senior Management and wider internal and external stakeholders
Strong interpersonal skills and a team player;
Professional or third level qualification ideally in Risk, Compliance, Information Technology, Business or Finance
Knowledge of Operational Risk requirements and industry guidelines for IT and security risk management and mitigation within financial services
Good knowledge in relevant IT/Security domains (e.g. Application Development, Change Management, Application Security, Security Operations, Cyber Security Monitoring, Vulnerability Management, Incident Management, Identity and Access Management or Cloud Security/Infrastructure)
Professional certifications in the field of Operational Risk Management, IT Risk Management, Information Security, Cyber Security, etc. are highly recommended (e.g. CRISC, CISA, CISM, CISSP, ITIL, COBIT 2019, ISO2700X, NIST CSF, etc.)
Successful history in performing internal and/or external audits, including a focus on IT, Information Security, IT Continuity and Resilience, IT Disaster Recovery, and IT Outsourcing risk
Successful history of third-party risk management experience. Experience performing third party risk assessments in areas including but not limited to Privacy and Information Security