Job Data Security/ Compliance

Senior Security Assessment Consultant

Established in 2013 and now based in Blackrock, the ITS Dublin Hub delivers best-in-industry infrastructure and security services across the Zurich Insurance Group. Whether it's with one of our core capabilities such as Cyber Security, or working with our Cloud or Crowdsourcing teams, our customers are our priority. We work hard to deliver our services excellently with our unique talent. We are committed to working with the best and brightest people from the broadest talent pool possible. We believe a diversity of ideas fosters innovation and engagement, allows us to attract the best people, and to develop the best products, services and solutions. Qualified individuals from all walks of life are encouraged to apply.


Zurich Dublin Technology Center is looking for a Senior Security Assessment Consultant to manage information security, IT and compliance risks, to support Zurich's business goals. We are also charged with being cyber and IT security ambassadors across our organisation. Reporting to the Global Assessment team within Information Security Governance, this is a lead role in managing and performing information security assessments for high impact IT services being delivered to Zurich. You will deliver key governance, compliance and risk enforcement messages to our key vendors and within the organization and work with our key vendors to assess their IT controls, commitment to their compliance and security obligations, and manage next steps. You will work with our security, compliance, legal, risk and procurement professionals to enforce compliance and escalate issues. You will be the voice of Zurich and Farmers to our key vendors and continuously improve and refine our processes and tools. You will report progress against milestones, risks and issues to the Head of Global Security Assessments.

Your Role

As a Senior Security Assessment Consultant your main responsibilities will include, but not necessarily be limited to, the following:

  • Consultancy on projects and services for effective risk mitigation and control implementation
  • Apply and support IT security, risk and compliance technologies
  • Review and support requests for vendor security due diligence assessments
  • Assist with complex projects to identify business and technical security requirements, design security controls and test their effectiveness
  • Assess operational risks and perform IT risk assessments within the organization
  • Assist coordination and implementation of appropriate IT governance, metrics collection, and reporting capabilities
  • Enable compliance with IT-related policies and regulatory requirements; develop and support plans to remediate compliance gaps
  • Track timely closure of identified control gaps and support action owners during issue remediation
  • Provide input to improve efficiency and effectiveness of IT Security Governance Services and Group Information Security processes
  • Deputize for the Head of Global Security Assessments
  • Bachelor’s Degree or equivalent in IT, Business, Computer Science or a related field
  • Minimum 5 years' professional experience, including 2+ years in IT security / cyber
  • Experience of assessing Cloud infrastructure
  • Experience of implementing and auditing Information Security Management Systems
  • Ability to understand and interpret IT architectural diagrams/data flow diagrams
  • Experience of providing consultancy support to projects or business teams, or of operating within an associated field such as IT, information security, risk and/or compliance
  • Relevant degree or diploma programme of study
  • Knowledge of information and/or IT risk management standards and disciplines would be an advantage; particularly control frameworks such as ISO 27000 series, NIST's Cybersecurity Framework and SANS Critical Security Controls
  • Experience with Security Assessments and assessing Cloud infrastructure
  • Ability to understand and interpret IT architectural diagrams 
  • Excellent communication skills, being able to take part in meetings and provide expert advice
  • Good listening and questioning skills
  • Proven ability to succeed in collaborative work environments and build relationships
  • Security and data protection accreditations (such as CISA, CISM, CISSP, ISO 27001, GDPR, etc.) would be an advantage
  • Knowledge of GRC tools such as ServiceNow, ProcessUnity, Synergi or similar products and tools would be an advantage.
  • Knowledge of Power Platform tools such as Power Apps and Power BI would be an advantage.