IT Security Controls & Reporting Analyst
Application Deadline: 31 December 2024
Department: Information Technology
Employment Type: Permanent - Full Time
Location: 10 Earlsfort Terrace, Dublin 2, D02 T380
Reporting To: IT Infrastructure & Security Manager
Description
Known for a culture of innovation over our 100-year history, Arthur Cox are determined to play a leading role in the adoption of technology to drive value within our own firm, our client’s business, and the wider legal industry. We are actively moving to a modern Microsoft based environment for our Digital Workplace and critical content management applications.
We are seeking a detail-oriented and experienced IT Security Controls & Reporting Analyst to join our IT Infrastructure and Security team.
The successful candidate will be responsible for engaging with client security audits, completing extensive cybersecurity questionnaires, leading third-party vendor assessments from a cybersecurity perspective and maintaining technical documentation.
This role is crucial in ensuring our firm’s compliance with security standards and maintaining the integrity of our IT systems.
Key Responsibilities
* Client Security Audits: Engage with client security audits and ensure all cybersecurity requirements are met. Complete extensive cybersecurity questionnaires accurately and in a timely manner.
* Vendor Assessments: In collaboration with the risk and compliance department, lead the cyber and information security assessments of 3rd party vendors, ensuring they meet our security standards.
* Policy: Develop and maintain security controls and policies to protect the firm’s IT infrastructure.
* Performance Monitoring: Monitor and report on the effectiveness of security controls and recommend improvements. Prepare and present security reports to management and clients.
* Collaboration: Collaborate with internal teams to address security vulnerabilities and implement corrective actions.
* Documentation: Create and maintain detailed documentation regarding cyber security controls.
* Continuous Learning: Stay up to date with the latest cybersecurity trends, threats, and best practices.
* Security Awareness: Assist in the development and implementation of security awareness training programs for staff.
* Support incident response activities and investigations as needed.
* ISO27001: Participate in the annual ISO 27001 certification process.
Skills, Knowledge and Expertise
* Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
* 2-3 years’ experience in IT security, with a focus on security controls and reporting.
* Experience with regulatory compliance and audit processes.
* Experience with security risk assessments and mitigation strategies.
* Knowledge of third-party vendor risk management and assessment.
* Strong understanding of cybersecurity principles, frameworks, and best practices.
* Familiarity with security standards and regulations (e.g., ISO 27001, GDPR, HIPAA).
* Strong understanding and knowledge of cloud security principles and best practices, data protection and encryption technologies, network security, including firewalls, IDS/IPS, and VPNs, identity management.
Preferred experience for the role:
* Experience working in a law firm or legal environment.
* Knowledge of legal industry-specific security requirements and challenges.
* Advanced certifications in cybersecurity or related fields.
* Experience with security incident response and management.
Benefits
We reward, encourage and support our talented people to reach their full potential offering excellent progression opportunities along with the following:
* Market leading salary
* Discretionary annual bonus scheme
* 25 days annual leave allowance
* Pension scheme
* TaxSaver and Bike to Work scheme
* Healthcare
* Full gym and wellness programme
#J-18808-Ljbffr