IT Security Controls & Reporting AnalystApplication Deadline: 31 December 2024
Department: Information Technology
Employment Type: Permanent - Full Time
Location: 10 Earlsfort Terrace, Dublin 2, D02 T380
Reporting To: IT Infrastructure & Security Manager
DescriptionKnown for a culture of innovation over our 100-year history, Arthur Cox are determined to play a leading role in the adoption of technology to drive value within our own firm, our client's business, and the wider legal industry. We are actively moving to a modern Microsoft based environment for our Digital Workplace and critical content management applications.
We are seeking a detail-oriented and experienced IT Security Controls & Reporting Analyst to join our IT Infrastructure and Security team.
The successful candidate will be responsible for engaging with client security audits, completing extensive cybersecurity questionnaires, leading third-party vendor assessments from a cybersecurity perspective and maintaining technical documentation.
This role is crucial in ensuring our firm's compliance with security standards and maintaining the integrity of our IT systems.
Key ResponsibilitiesClient Security Audits: Engage with client security audits and ensure all cybersecurity requirements are met. Complete extensive cybersecurity questionnaires accurately and in a timely manner.Vendor Assessments: In collaboration with the risk and compliance department, lead the cyber and information security assessments of 3rd party vendors, ensuring they meet our security standards.Policy: Develop and maintain security controls and policies to protect the firm's IT infrastructure.Performance Monitoring: Monitor and report on the effectiveness of security controls and recommend improvements. Prepare and present security reports to management and clients.Collaboration: Collaborate with internal teams to address security vulnerabilities and implement corrective actions.Documentation: Create and maintain detailed documentation regarding cyber security controls.Continuous Learning: Stay up to date with the latest cybersecurity trends, threats, and best practices.Security Awareness: Assist in the development and implementation of security awareness training programs for staff.Support incident response activities and investigations as needed.ISO27001: Participate in the annual ISO 27001 certification process. Skills, Knowledge and ExpertiseBachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.2-3 years' experience in IT security, with a focus on security controls and reporting.Experience with regulatory compliance and audit processes.Experience with security risk assessments and mitigation strategies.Knowledge of third-party vendor risk management and assessment.Strong understanding of cybersecurity principles, frameworks, and best practices.Familiarity with security standards and regulations (e.g., ISO 27001, GDPR, HIPAA).Strong understanding and knowledge of cloud security principles and best practices, data protection and encryption technologies, network security, including firewalls, IDS/IPS, and VPNs, identity management.
Preferred experience for the role: Experience working in a law firm or legal environment.Knowledge of legal industry-specific security requirements and challenges.Advanced certifications in cybersecurity or related fields.Experience with security incident response and management.
BenefitsWe reward, encourage and support our talented people to reach their full potential offering excellent progression opportunities along with the following:
Market leading salaryDiscretionary annual bonus scheme25 days annual leave allowancePension schemeTaxSaver and Bike to Work schemeHealthcareFull gym and wellness programme
#J-18808-Ljbffr