Data Security/ Compliance

Governance, Risk & Compliance (GRC) Information Security Analyst

Three Ireland are seeking a Governance, Risk & Compliance (GRC) Information Security Analyst to join the Three Ireland Governance & Security Team. The focus of the role is to support the Governance & Security team in further embedding effective information security and compliance frameworks, systems, and policies to help protect Three’s business into the future.

The successful candidate will be passionate about information security and will serve an integral role as part of a community of information technology security professionals supporting Three Ireland. You will be involved in strengthening the company`s information security & compliance capability as well as supporting the business in mitigating key information security risks.

A self-starter, this person will be ambitious and will thrive in a fast-paced operational environment, anticipating and responding to information security threats, trends, and potential opportunities as they arise.

What else it involves

  • Support the development and improvement of Three’s information security management system (ISMS), information security strategy, policies, and controls in a fast paced, complex environment, including large Enterprise, Cloud and IoT.
  • Lead and support ongoing communication, education and awareness activities based on agreed Information Security policies and best practices.
  • Review, assess and report upon the implementation and application of established standards including NIST, PCI-DSS and ISO 27001.
  • Review and audit third party vendor arrangements in the context of compliance with security policies and procedures.
  • Engage with internal & external stakeholder groups to maximize the deployment and implementation of information security best practices.
  • Support wider security team responses to potential security incidents.
  • Prepare and support internal and / or external compliance audit activities.
  • Inform and support the development of additional metrics for measuring information security effectiveness.
  • Recent experience (1 – 2 years+) in general information security and compliance environments looking to develop their knowledge and experience within the Telecoms industry.
  • Team player with effective communication, report writing and influencing skills.
  • A 3rd Level qualification in Computer Science, Information Technology, or a related field (for example, cyber security) is an advantage.
  • Some knowledge of current information security and compliance trends affecting large-scale organisations is required.
  • Professional certification (e.g., CISA, CISSP, CompTIA Security+) or working towards same is a distinct advantage.
  • Experience in reviewing information security and/or compliance frameworks (e.g., PCI-DSS, NIST Cybersecurity framework, ISO27001) and information security risk management methodologies is a distinct advantage