Information Security Manager

Job Title: Information Security Manager

Location: Dublin 15, (required to attend Meetings at client offices)

Contract / Permanent: FTC 12 Months, With further extension

Start date: March 2025

Service Delivery

• The nominated person would be required to attend Meetings at client offices. In addition, the nominated person would be required on an “on-call” basis for Ad Hoc calls during business hours.
• It is envisioned that up to 8 days per month may be required, on average 2 days per week, but there is no commitment on minimum days.

Experience Level Required:

• It is a mandatory requirement that the Resource proposed for this role has not less than 4 years relevant experience. Any other experience levels less than this will not be accepted.
• It is a mandatory requirement that the Resource proposed hold the following qualifications or equivalents: CISM (or equivalent), CISSP (or equivalent), or CCSP (or equivalent)

Key Deliverable:

The following non-exhaustive list of Key Deliverables are applicable to this Role.

• An initial review of the current environment and security framework to develop knowledge required to provide in context advice.
• Creation of a defined IT security strategy and roadmap.
• Lead the implementation of the agreed IT security strategy and roadmap
• Recommend improvements to the current security framework, security policies and cybersecurity strategy.
• On-going advice and guidance in relation to information security and cybersecurity
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
• Assist with the selection of appropriate cybersecurity technologies, services, and solutions.
• Provide thought leadership in cybersecurity.
• Keep abreast of the latest cyber security trends, technologies, threats, and solutions in order to keep the organisation informed of developing threats and improvements to the security framework.

Key Experience/Competencies/Skillsets:

The following Experience/Competencies/Skillsets are applicable to this Role. The proposed resource must have experience in performing and delivering the following:

• NIST-CSF, CIS critical controls gaps and risk assessments
• Review of current security environment and security framework
• Creation of IT security strategy and roadmap
• Project management of the implementation of IT security strategy and roadmap
• Risk Assessment of Microsoft M365 Services
• Review, design and implement Incident response, business continuity and disaster recovery process
• Assessment of Threat and vulnerability management and patch management
• Information security controls implementation and maintenance
• Development and management of IT Risk Register