Information Security Specialist

The Davy Group is Ireland’s leading provider of wealth management, asset management, capital markets and financial advisory services. You can read more about our growing company here: www.davy.ie

We value our employees as much as our clients, and are committed to embracing diversity in all its forms recognising that the breadth of thought, perspective and experience that emerges from a diverse workforce is essential to deliver on our core values.

Our city centre location, free access to our onsite gym and fitness studio, and impressive social calendar are just some of the unique benefits our employees enjoy while working at Davy.

Performance related bonuses, generous pension contributions and investment into further education demonstrate the value we place in developing and rewarding our staff.

Due to increasing demands on IT Security resources owning to the implementation of a number of security projects, increased regulatory requirements & the general rise in Cyber-security threats. Davy are looking to hire an IT Security Specialist. Reporting to the IT Security Manager, you will measure, report, monitor and improve the effectiveness of existing security controls and provide advice and recommendations to IT staff as to the implementation of new security controls.

You will be responsible for assisting in the implementation of security projects, identifying and implementing enhancements to existing controls were necessary. This position is a mixture of project and ‘Business as Usual’ work. There is minimal ‘hands-on’ operational responsibilities, but candidates will need to be comfortable with technology, and capable of independent research and analysis of security threats to new or emerging technologies.

Key Responsibilities:

• Assist the IT Security Manager (ITSM) in responding to security incidents.

• Monitor and report on the effectiveness of key security & IT controls.

• Maintain documentary evidence of security control effectiveness.

• Contribute to the maintenance and development of the IT Risk register and related processes

• Contribute to the introduction, maintenance, and development of security controls such as DLP, E-mail filtering, EUC application governance

• Generate monthly security reports

• Conduct and report on phishing tests

• Monitor compliance to security policies, identifying, documenting, and remediating deviations.

• Review & investigate the output of security tools, including Vulnerability Assessment, SIEM & automated scripts, for security vulnerabilities and significant changes to the security status of the organisation.

• Work with service delivery team to implement identified improvements or remediate vulnerabilities.

• Ensure configuration of security controls such as Email filtering, vulnerability management and Endpoint Detection and response systems are optimal

• Provide security policy implementation guidance to internal I.S staff.

• Monitor and action routine events and incidents reported to the security team.

• Work on multiple projects simultaneously.

• Maintain an awareness of security news and developments in industry standards.

Requirements

• Analytical, organised and problem-solving temperament by nature with the ability to troubleshoot issues independently
• 3-5 years’ experience in Information Security, IT RISK or related discipline.
• Advantageous - one or more of Security+, CISA, CISSP or related certifications.
• Advantageous – Degree in Information Security or IT.
• Advantageous – IT Risk experience
• Advantageous – IT security compliance experience
• Advantageous- Knowledge of IT Security best practices
• Advantageous – Knowledge of Information Security and Risk frameworks such as COBiT, ISO 27001, NIST, CIS Top 20.
• Advantageous – Knowledge of Project Management methodologies.
• Excellent written and strong verbal communication skills.