Information Security Associate Director

3 days ago


Belfast, United Kingdom Hays Specialist Recruitment Full time

The Associate Director, Information Security GRC will manage the people, processes, and technology related to the company's security GRC group overseeing governance, risk, and compliance activities, such as client audit support, RFP response, internal IT audit, and contract review.
The role carries out GRC activities in line with business objectives, regulatory requirements, and strategic goals, focusing on ensuring alignment with contractual requirements and recognised security frameworks.
You will be the process owner for all IS Security GRC-related projects and activities.
You will assist the CISO in planning, developing, and overseeing the information security program, with a broad view of the effective integration of Security, Information Technology, new business development, the Office of General Counsel, and the professional responsibility group.
In addition to providing ongoing governance and oversight of IS GRC operations, the role assists the CISO with maintaining strategic alignment with the business, engaging in security outreach and promotional activities, and providing expert guidance to internal and external constituents.
Responsibilities:

  • Direct responsibility for all aspects of IS GRC
  • Ensure continual improvement of the information security program via the effective application of technology, systems, processes, personnel, skill development, and leadership
  • Provide security services that meet or exceed the professional, contractual, regulatory, and certification requirements
  • Manage the IS GRC people, processes, and technology infrastructure, including the creation and review of IS GRC standards, guidelines, and operating procedures
  • Serve as the business owner for common IS GRC toolsets, platforms, and processes
  • Work with the business development team to accurately represent the information security program during client audits and RFP
  • Guide Legal regarding acceptable contract terms and conditions
  • Lead the System Governance Virtual Team, promoting continual ISMS improvement
  • Provide direction on risk assessment requirements and assistance with evaluating risk treatment plans
  • Define documentation requirements to ensure compliance with ISMS requirements
  • Advises the team regarding client contractual requirements and commitments relative to GRC practices
  • Work closely with the Security Operations and Engineering teams to define, develop, and facilitate efficient and effective service delivery to constituent organisations
  • Oversee the operation of integrated vendor and other risk assessment activities with assistance from the technical teams
  • Meets published SLAs relative to the provisioning and support of GRC security operations and activities
  • Understands policies and standards and is capable of conveying those requirements to end users in a professional and objective manner
  • Maintain the Information Security Management System (ISMS), including the creation and review of policies, standards, and procedures
  • Enforce, monitor, and report on compliance with the ISMS
  • Manages the security awareness program including ancillary functions such as phish testing and other constituent outreach programs
  • Liaises with system and business owners to ensure that new platforms are compliant with security requirements
  • Maintains assigned systems to ensure availability, reliability, and integrity, including the oversight of current and projected capacity, performance, and licensing
  • Provide status reports and relevant metrics to the CISO
  • Manage the security-related information repositories and contribute to marketing/awareness endeavours
  • Maintain situational and environmental awareness and utilise that knowledge to implement appropriate tactics and strategies to protect the organisation and assist with roadmap development
  • Mentor and lead members of the Security GRC group by conducting effective performance reviews, suggesting development opportunities, establishing a culture of performance excellence, and maintaining the highest standards of ethical and professional care
  • Participate in defining the DR/BCP practices as required
  • Monitor changes in legislation and accreditation standards that affect information security

Skills and Experience:

  • Thorough knowledge of professional management practices including supervisory techniques, leadership principles, and employment practices
  • Proficiency in oral and written English
  • Excellent verbal and written communication skills, including public speaking, and ability to convey complex concepts to non-technical constituents
  • Ability to think and communicate strategically regarding the role of information security in a successful global organisation
  • Ability to quickly ascertain the current capability-maturity level of an organisation and use that information when responding to RFPs, audits, contract reviews, and internal operations
  • Ensure you have a good understanding of at least one of the major EGRC/ITGRC platforms
  • Comprehensive understanding of major information security frameworks such as NIST, CIS, ISO, and COBIT
  • Familiarity with common regulatory schemes such as GDPR, PCI-DSS, GLBA, FISMA, HIPAA, and ITAR
  • Advanced understanding of technical controls, how those controls address risk, and how they map to framework and regulatory requirements
  • Broad understanding of TCP/IP, DNS, common network services, and other foundational topics
  • Knowledge of server, workstation, and Active Directory technologies that affect security controls
  • Understand common security monitoring technologies such as SIEM, IDS, log management, and vulnerability assessment concepts
  • Ability to gather and analyse facts, conclude, define problems, and suggest solutions
  • Ability to maintain objectivity and composure under pressure
  • Capable of assisting with the creation of internal training materials and documentation

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers.
By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be

Skills: GRC security ISMS CISO

Benefits: Competitive salary benefits & bonuses

