Information Security Lead
An excellent opportunity for an Information Security Lead to join a thriving company in Cork. The role involves delivering strategic cybersecurity consultancy across various industries and ensuring internal security frameworks align with best practices while supporting external clients in navigating complex regulatory landscapes, risk management, and security compliance.
Key Responsibilities:
* Lead a team of Consultants in delivering high-quality consultancy services.
* Provide expert Information Security guidance, ensuring both internal security governance and client compliance with industry regulations.
* Conduct risk assessments, develop mitigation strategies, and support compliance with ISO 27001, NIST, GDPR, and other relevant frameworks.
* Design and implement security policies, procedures, and control frameworks for both internal and external stakeholders.
* Lead security audits, gap analyses, and assist clients in preparing for regulatory assessments.
* Evaluate vendor security risks and recommend appropriate controls.
* D deliver cybersecurity awareness programs to internal teams and client organizations.
* Stay ahead of evolving regulatory requirements, cybersecurity threats, and best practices while contributing to thought leadership and industry events.
Key Requirements:
* Degree or Masters in Cybersecurity, Information Security, Risk Management, or equivalent experience.
* Two years in a similar role, with proven experience in GRC, cybersecurity frameworks, and regulatory compliance (ISO 27001, NIST, GDPR, SOC 2, etc.).
* Strong knowledge of risk assessment methodologies and control implementation.
* Experience conducting security audits, compliance assessments, and third-party risk evaluations.
* Ability to communicate effectively with technical and non-technical stakeholders, including C-level executives.
* Strong report writing and documentation skills, with the ability to translate complex concepts into clear recommendations.
* Highly organized, detail-oriented, and able to manage multiple projects simultaneously.
* Experience with cloud security compliance (e.g., Azure, AWS, GCP).
* Familiarity with info sec tools.
* Understanding of secure development practices.
* Industry certifications such as CISM, CISSP, CRISC, ISO 27001 Lead Implementer/Auditor, or equivalent.