Head of Information Security

Unijobs on behalf of our public sector client, are currently recruiting for the position of Head of Information Security in South Dublin and various other sites in Dublin. The role is hybrid with 3 days on-site and 2 days remote. This post is for 18 months initially with the high possibility of extension thereafter.

Working 35 hours per week - 9-5, Monday-Friday with infrequent weekend work. The successful candidate will be employed as an agency employee and will be paid based on an annualised salary of €165,000 DOE.

The successful candidate will:

• Deliver a NIS2 aligned cybersecurity strategy and compliance framework, ensuring the organisation meets obligations under Articles 20 and 21.
• Establish a mature and transparent governance model, with clear reporting to the Board, Information Management and Governance Committee, Deputy CEO and senior stakeholders.
• Strengthen Clients cybersecurity operating model, including SOC, MDR, SIEM, incident response, threat intelligence and security monitoring.
• Enhance resilience across clinical and operational services, including crisis management, business continuity readiness and incident response playbooks.
• Build and manage a comprehensive Third-Party Risk Management programme for all ICT and cybersecurity vendors.
• Improve core controls—patching, vulnerability management, access management, security architectures, and medical device security.
• Lead client’s cybersecurity response capability and run major crisis simulations.
• Recruit, develop and mentor a skilled cybersecurity team, and implement a formal training and uplift programme for client’s ICT and cybersecurity personnel.
• Embed a culture of security across all client’s sites through an enhanced awareness and security champion programme.

Key Responsibilities

1. Strategy & Leadership

• Lead the development and execution of organisation’s information security strategy, ensuring alignment with organisational goals and NIS2 requirements.
• Serve as the strategic security advisor to the CTO, Senior Leadership Team, Board and Government stakeholders.
• Drive a multiyear cybersecurity transformation programme, focusing on resilience, regulatory compliance, and clinical safety.
• Establish an organisation wide security by design approach across all digital developments and investments.

2. Governance & Risk Management

• Oversee the organisations information security governance framework, reporting key risk indicators to the Board and Information Management and Governance Committee.
• Provide regular and transparent programme updates to senior leadership and enterprise risk functions.
• Maintain an integrated view of cybersecurity risk across the estate.
• Lead the Third-Party Risk Management programme, ensuring effective oversight of all security vendors and outsourced services.
• Manage capital and operational budgets for the information security function.
• Ensure organisation meets all obligations under NIS2 and acts as the primary point of engagement with regulators.

3. Cybersecurity Operations

• Lead and uplift security operations capability across, including monitoring, detection, investigation and response.
• Strengthen patching, configuration management and vulnerability assessment practices.
• Enhance cyber crisis management capability, including major incident coordination and scenario testing.
• Ensure secure architecture design and standards for ICT systems and medical devices.
• Identify non-IT managed IT services and lead a structured onboarding and risk reduction programme.

4. Organisational Enablement & Culture

• Build and mentor a high performing cybersecurity team, initially consisting of existing contracted specialists.
• Develop a recruitment strategy to expand and strengthen internal capability as the organisation matures.
• Lead information security awareness programme, with defined metrics for effectiveness.
• Champion information security across a distributed organisation, embedding cultural change and local accountability.
• Advance cross functional collaboration with risk, compliance, privacy, clinical leadership, and operational teams.

5. Quality, Safety & Regulatory Alignment

• Maintain working knowledge of all relevant HIQA standards, including healthcare, infection control and hygiene standards.
• Ensure the application of security controls supports patient safety, clinical continuity and regulatory compliance.
• Promote sustainable IT practices aligned with client’s energy and environmental commitments.

Essential Qualifications & Professional Experience

• Professional certifications such as CISM, CISSP, CISA, CRISC, or equivalent.
• Demonstrable experience leading large scale cybersecurity programmes (multimillion euro/dollar).
• Proven experience in information security leadership within the European healthcare sector.
• Strong architectural knowledge and experience delivering enterprise class security solutions.
• Expertise across SOC, SIEM, MDR, threat intelligence and targeted attack testing.
• Experience managing vendors, contracts, budgets and outsourced services.
• Senior level leadership experience managing distributed teams and complex change.

Skills & Competencies

Professional Knowledge

• Deep understanding of cybersecurity controls, risk assessment, enterprise architecture and governance.
• Experience improving cybersecurity posture and delivering measurable security enhancements.
• Strong background in business continuity, crisis response and operational resilience.

Leadership & Change

• Proven ability to lead teams, engage stakeholders and drive large scale transformation.
• Ability to innovate and deliver in complex, high pressure environments.
• Strong financial, programme and people management capability.

Communication & Stakeholder Management

• Exceptional interpersonal and communication skills, capable of building trust across senior levels.
• Ability to articulate strategy, negotiate outcomes and influence organisational direction.
• Skilled in building professional networks and navigating complex political landscapes.

Critical Thinking & Decision Making

• Strong analytical capability with the ability to evaluate complex information objectively.
• Willingness to challenge assumptions and uphold integrity in difficult circumstances.
• Confidence in making timely, strategic decisions.

Personal Effectiveness

• Composed and resilient during crises; able to maintain perspective under pressure.
• Demonstrates clients core values, adaptability and a commitment to continuous learning.

*This position may be subject to Garda Vetting and Foreign Police Clearance, if applicable you will be required to obtain these prior to commencing in this role*

Unijobs is an equal opportunities employer