Our client is a world-class, globally recognised Irish brand that is looking for a Risk & Compliance Manager to join their growing team. The company is well established and has more than 2000 employees across several countries. This role will report to the Head of IT.
Role Profile: Working within the Information Security framework, the IT Risk and Compliance Manager will be responsible for ensuring the IT Risk Management and Information Security Governance strategies are adopted across all areas of the company. The role will be required to carry out Risk assessments on the IT footprint & processes and detail corrective action plans. The role will also be responsible for an Information Security compliance programme ensuring the firm is in compliance with all applicable standards, laws and regulations.
Key Responsibilities
Maintain IT Strategic Risk Process and IT Risk Register
Conduct risk assessments and audits both internally and with 3rd party providers of existing and proposed IT services to identify compliance risks and recommend mitigating controls
Investigate potential control breaches and corrective actions and mitigating controls
Work with the IT team and other departments to ensure that all systems, applications, and data are compliant with standards
As part of a team, respond to information security alerts and incidents.
Drive compliance-related training programmes and a cyber safety culture
Respond to inquiries from staff and other departments regarding compliance-related issues
Ensure requirements are reflected in Information Security policies, standards and procedures
Ensure the company has an effective Cyber Security response and recovery plan covering People, Process & Technology which is tested and updated on an agreed schedule
Manage the engagement with Internal Audit for specific IT audits and Management Action Plans
Prepare performance reports for compliance activities, risk management processes, scheduled audits and completion of recommendations for management
Understand and keep abreast of all relevant standards, policies, procedures, laws, and regulations related to IT governance and compliance
Key Requirements:
Bachelor’s degree in computer science, information systems, or related field
5+ years’ experience in IT compliance, risk management, or related field
CISA, CISSP, or other relevant certification
Strong understanding of IT compliance frameworks, including PCI-DSS, etc.
Experience developing and implementing compliance programs