Oh oh! Awesome! {$ msg.text $} ({$ msg.count $})

Job Description

Cybersecurity has never been more relevant. With the potential of crippling ransomware attacks security and risk management leaders need to be able to define and address risks and threats in a new digital environment. Protecting your company and customers through cybersecurity is a business critical priority. Complex technologies, emerging threats and tight regulatory compliance demands a partner with global expertise.

Reporting to the head of cyber portfolio, the GRC lead will build a program from the ground up including security policy, risk management process, and compliance with standards and regulations such as ISO27001, NIST and GDPR.

Responsibilities

  • Develop the GRC operating model and a service-oriented customer engagement model.
  • Operationalize various GRC capability areas such as enterprise security risk management, compliance management, policy management, security awareness training, third party risk management, and metrics and reporting.
  • Lead the operationalization of security compliance programs to support various compliance regulations.
  • Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
  • Work with various operational and business teams to drive toward a cohesive view of security risk and drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders.
  • Monitor the security risk profiles of our suppliers to objectively determine high risk suppliers that require additional review.
  • Establish and maintain security metrics and reporting.
  • Respond to customer security/compliance questionnaires.
  • Act as security risk management ambassador to internal customers.

You will be responsible for:

  • The use of defined risk methodologies and best practices to perform IT/Security assessments. Responsible for the planning, scoping and execution of these assessments.
  • Driving remediation activities from identification, remediation plan and closure. Hold owners accountable to delivery of remediation solution within the agreed upon/reasonable SLA.
  • Development of actionable and agile security compliance programs to support various compliance regulations.
  • Operationalization of a metrics and reporting function to continually report on meaningful security, risk and compliance metrics for operational and executive management. Develop and manage the automation of KRIs and KPI reporting that align with operational/business risk areas and corporate risk.
  • Iterative improvement of security audits to compliment compliance objectives

Skills & Requirements

You will have:

  • Candidate must have 7+ years working in governance, risk and compliance and/or information security and risk management.
  • CISSP, CISM or similar.
  • Functional knowledge of applicable security regulatory requirements (SOX, GDPR, NIS-D).
  • Functional knowledge of ISMS governance models (i. e. ISO 27001, NIST, CAIQ, CIS), information security roles, security controls.
  • Functional knowledge of common security certifications (i. e. ISO 27001, SOC2) and ability to glean significance from findings identified in these reports.
  • Familiarity with Cloud Environments advantageous.
  • Ability to communicate risk methodologies and concepts to the business unit and IT.
  • Demonstrated experience with controls definition, development, implementation and assessment.
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
  • Strong attention to detail, project management and organizational skills.

Contact Person
Niall Bergin

About the company

At Sogeti, we know how to create value with technology- it’s our passion. We work closely with clients and partners to take full advantage of the opportunities of technology. We mobilize expert teams that create custom solutions from existing and emerging technology. Our value is in our approach, characterized by the speed with which we deliver specialist solutions in digital assurance and testing, data & analytics, digital & development, cybersecurity and life sciences.

Disruption is the norm in today’s digital and business environment. How quickly companies respond to change determines their future success – and their ability to realize rapid value from existing and future technology is crucial to this. At Sogeti, we collaborate across a global network to build innovations that push boundaries. But it’s the way we work with clients that sets us apart. Our client model means we can be hands-on from day one, getting to know our customers and their businesses intimately.

We embrace the value of diversity within Sogeti and the entrepreneurial spirit of our people. If you’re looking to join a company with a proven track record of success and that deeply values its people, Sogeti Ireland offers the opportunity for you to grow and advance.

Sogeti Ireland- where people matter and results count.

Visit website

Our Location

Dublin

Follow Sogeti Ireland