Background
Zurich Dublin Technology Center is looking for an Information Security Assurance Lead to join the Global Information Security Governance team focusing on Controls and Assurance
Your Role
As an Information Security Assurance Lead your main responsibilities will include, but not necessarily be limited to, the following:
• Holistically review and carry out technical control's assurance on Zurich’s core security technologies, core cloud public and private platforms, including major SaaS providers to provide assurance that security controls are operating effectively.
• Document assurance findings linked to security controls, highlighting gaps, issues and the effectiveness of controls. Where relevant support risk assessments with SME advice.
• Advise and support on internal controls assurance (i.e. SOC2) for technical security controls
• Support the creation and updating of Information Security Standards, Procedures and Metrics (KPI’s/KRI’s) to support technical security controls
Your Skills and Experience
As an Information Security Assurance Leadyour skills and qualifications will include:
1. Solid understanding of how security technologies operate covering identity, anti-malware, DLP, network/perimeter, vulnerability management, mobility/endpoint and cyber detection
2. Solid understanding of internal controls assurance, auditing and reviewing of security governance and technology
3. Strong knowledge of controls frameworks such as NIST CSF, ISO 27001 and SOC2
4. Strong technical understanding of cloud architecture
5. Ability to present complex issues and technical risk to non-technical audiences in a manner so they understand the risk/issue
6. Security certifications such as CISSP, CCSK, CCSP or CISM.