Senior Associate, Information Security & Risk Management
We are Grant Thornton.
We go beyond business as usual, so you can too. Grant Thornton Ireland (GT) has nearly 3,000 people in 9 offices across Ireland, the Isle of Man, Gibraltar, and Bermuda, with a presence in over 145 countries around the world, and a global network of over 68,000 people.
At GT, we work as trusted advisors, bringing local knowledge and national expertise, with a global presence, to help businesses succeed – wherever they are located.
The Sr. Associate, Information Security position will be an integral member of the Governance, Risk & Compliance team.
This role will be responsible for organizing and managing evidence for external audits.
The role works in the Chief Information Security Officer (CISO) office under the Director, Information Security Governance, Risk and Compliance.
The successful candidate will have a good mix of security knowledge, understanding of industry best practice, and a demonstrated background in information security risk management.
The candidate will be responsible for managing and responding to client security questionnaires, audits, and assessments related to the organization's information security posture.
This role involves working closely with internal teams, clients, and external auditors to ensure the company's security practices align with industry standards and client requirements.
The ideal candidate:
- is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve.
- possesses strong business judgment and deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies.
- possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills, all important attributes to succeed in this role.
- has a global view of their business and thinks in terms of immediate problem solving while also automating, expanding, and scaling solutions broadly.

Responsibilities:

Governance:
- Participate in development of IT & Security policies, standards, and controls.
- Develop and implement procedures and processes in area of ownership.
- Participate in annual control attestation.
- Measure and report on security metrics and key performance indicators.
- Respond to cyber insurance questionnaires based on implemented security controls, certifications, and policies.

Risk & Compliance Management:
- Conduct security risk assessments to identify and mitigate risks.
- Collaborate with internal teams to design and implement mitigation strategies for identified risks.
- Manage responses to client security questionnaires in a timely and accurate manner.
- Serve as the main point of contact for clients regarding security and IT-related audit inquiries and responses.
- Prepare and provide evidence for security audits, ensuring all documentation is complete and accurate.
- Identify opportunities to improve the efficiency and effectiveness of client questionnaire responses and audit processes.
- Continuously improve the organization's internal audit and compliance processes to meet client expectations.
- Provide recommendations to management regarding areas of improvement in security practices and compliance.

Experience:
- 5+ years of experience in information security, with a focus on audit management.
- Experience with responding to security questionnaires and managing client audits.
- Familiarity with compliance frameworks such as NIST, ISO 27001, and others.
- Demonstrated advanced verbal and written communication skills.
- Excellent project management and organizational skills, with the ability to handle multiple audits and client requests simultaneously.
- Bachelor's degree in Information Security, Cybersecurity, Computer Science, Engineering or related field, or equivalent work experience.
- CISA, CRISC, CISM, or CISSP certifications (one or more) preferred.

Life at GT
Reward and benefits: Our reward and benefits are designed to create an environment where our people can flourish.
Equity, diversity and inclusion
At Grant Thornton, we provide equitable opportunities for all our colleagues.
Recognition: We want to create a culture of recognition and celebrating success.