IT Security and Risk Manager
Dublin, County Dublin, Ireland
Applications have closed
Davy
The Davy Group offers multiple services from Wealth Management and Capital Markets. Our Wealth Management services include financial planning and retirement planning. The Davy Capital Markets services include equities and corporate finance.The Davy Group is Ireland’s leading provider of wealth management, asset management, capital markets and financial advisory services. You can read more about our growing company here: www.davy.ie
We value our employees as much as our clients, and are committed to embracing diversity in all its forms recognising that the breadth of thought, perspective and experience that emerges from a diverse workforce is essential to deliver on our core values.
Our city centre location, free access to our onsite gym and fitness studio, and impressive social calendar are just some of the unique benefits our employees enjoy while working at Davy.
Performance related bonuses, generous pension contributions and investment into further education demonstrate the value we place in developing and rewarding our staff.
Davy. Making a difference that matters.
An opportunity has arisen for an IT Security and Risk Manager to join our Information Systems team. This is a senior role within the Information Systems leadership team. You will be responsible for leading the information security program to ensure that technology, applications, systems, infrastructure and processes are effectively protected.
Key Responsibilities:
- Lead the IT Information Security and Risk team
- Develop and enhance our information security management framework based on ISO27001 and the National Institute of Standards and Technology (NIST) Cybersecurity Frameworks.
- Develop, establish and maintain standards, procedures and guidelines to promote the security and uninterrupted operation of computer-based systems at Davy
- Develop & maintain our strategic work Programme to prioritise & co-ordinate Information Systems security related activities & initiatives
- Project management of key initiatives.
- Coordinate the IT Risk management processes and engagement with internal and external stakeholders.
- Maintain a strong ongoing awareness of external threats & ensure the associated risks are understood & highlighted for action within the Information Systems department.
- Function as an internal consulting resource on information security issues.
- Ensure appropriate control environment in place and effective assurance around the controls.
- Establish, maintain & report key Information Security, Risk & Control metrics on a regular basis.
- Contact point for internal & external audits of Information Systems function.
- Engage with audit & regulatory oversight bodies as part of periodic IT & business reviews.
- Be a key member of the organisations’ Information Security Governance committee
- Chair Davy Information Systems Patch Management & Change Advisory Board meetings.
- Comply with the Risk and Compliance frameworks, policies and procedures associated with the role
Requirements
- Relevant 3rd level Degree or Masters
- Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
- A minimum of 10 years Information Security experience in a Financial Services Organisation.
- Experience dealing directly with external audit/regulatory oversight bodies
- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
- Proven track record in managing & reporting IT risks
- Strong technical skills
- Broad knowledge of information technology security solutions
- Good knowledge of cloud-based application security models
- Strong experience in evaluating 3rd party solutions and managing the selection process
- Strong experience in managing 3rd party solution providers
- Excellent organisational, verbal & written communication skills;
- A proven record as a team player;
- An ability to work under pressure and prioritise workloads and achieve critical deadlines
- Strong troubleshooting & problem-solving skills;
- Proven ability of operating at a senior level
- Ability to communicate effectively with technical & business stakeholders
Tags: Application security Audits CISA CISM CISSP Cloud Compliance Governance ISO 27001 NIST Risk management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs