We are Unio, an established Wealth Management and Employee Benefits business backed by Great-West Lifeco, via its Irish subsidiary Irish Life Group.Unio specialises in private wealth management and employee benefit consultancy and has over 30 years’ experience advising companies and personal investors.With offices in Dublin, Cork and Limerick, Unio has €14 billion in assets under administration and advice. We advise more than 10,000 private clients in relation to wealth management. The Group also manages occupational pension schemes on behalf of over 300 large corporates and 600 SMEs. In total, the firm has over 70,000 members in corporate pension schemes.Role:A new opportunity has arisen for an Information Security Manager position in Unio. Reporting to the Head of Risk and Compliance, the Information Security Manager is responsible for the development, implementation and management of Unios information security strategies, policies, and procedures. The role will also work closely with the Irish Life Group OCIO Technology Risk Team.This role ensures the protection of the company’s information systems from unauthorised access, data breaches, and cyber threats, while ensuring compliance with relevant industry standards, regulations, and best practices.Key Responsibilities:•Develop and implement information security policies:Develop and maintain robust information security policies and procedures that safeguard the organisation’s digital assets.• Risk Management:Identify, assess, and prioritise information security risks. Develop and execute plans to mitigate these risks, including vulnerability assessments, risk assessments, and incident response protocols.• Security Audits & Compliance:Monitor and ensure compliance with applicable security standards and regulations such as ISO 27001 and GDPR.Stay up to date on emerging security threats, technologies, industry trends and changing requirements and work with internal teams and our Central Technology Services to implement necessary controls and measures.Assist Unio with client and third-party audits.• Incident Response:Lead and co-ordinate the incident response teams in the detection, investigation, and resolution of security breaches or incidents.Develop and maintain a robust incident response plan, including communications with relevant stakeholders including senior management.• Training & Awareness:Oversee ongoing information security awareness training programs for employees.Promote security best practices and foster a security-conscious culture within the organisation.• Stakeholder Engagement:Collaborate with stakeholders including Irish Life Group’s Central Technology Services (CTS), compliance department, senior management, and external partners.Attend ILG for as a required. Become a trusted partner with the lines of business and assessment teams to facilitate cross-functional collaboration.• Vulnerability Management of Business Applications:Manage and co-ordinate vulnerability management of business applications – SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) and Pen testing on required applications within the Line of Business.• Vendor & Third-Party Management:Assess the security posture of vendors and third-party service providers. Ensure that security controls are adequate and consistent with organisational standards.• Business Continuity and Disaster Recovery:Liaise with CTS on business continuity and support Disaster Recovery testing and readiness activities.• Reporting & Documentation:Provide regular reports to senior management on security metrics, incidents, and compliance status.Ensure documentation of security processes, incidents, and recovery actions is thorough and up to date.Qualifications & Experience:3rd level qualification preferred.Recognised Information security/cyber security qualification preferred.Minimum of 5+ years of experience in information security, cybersecurity, or related roles with emphasis on risk management.Experience in developing and implementing security strategies in a corporate environment.Experience with regulatory compliance and security frameworks (e.g. GDPR, ISO 27001).Proficiency in security frameworks (e.g., ISO 27001, NIST).Knowledge of EU regulations such as: EBA Guidelines on ICT and Security Risk Management, EBA Guidelines on Outsourcing Arrangements, and DORA.Experience with risk management and penetration testing.Excellent communication skills (both written and verbal) including ability to devise and illustrate key metrics for the area.Demonstrated ability to influence executive-level strategic decision-making and translate technology insights into business strategies.Strong client focus combined with analytical and problem-solving mindset with attention to detail.Ability to work to tight deadlines completing deliverables as assigned by the Head of Risk and Compliance.Application Process:If you think you are a good fit for this role, then we invite you to apply. The Company reserves the right to draw up a shortlist as part of the selection process. The selection process employed will be at the discretion of the Company.