Position: IT Security Officer

Job Purpose:

· To manage all aspects of the Information Security function including establishing, maintaining and monitoring the policies and procedures which promote the secure and uninterrupted operation of all information technology systems, and to implement the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction.

Responsibilities:

· Implement standards, procedures and guidelines to prevent the unauthorized use, release, modification or destruction of data in any form in Europe.

· Manage, track and oversee the Information Risk Assessment process, business line self-assessment and building permit processes.

· Work with software development teams to achieve security certification of applications, review systems designs to ensure essential security measures are in place

· Implement as necessary security procedures identified or required by internal auditors, external reviews, legal requirements and corporate security.

· Work with regional / local IT support groups to implement security rule changes, e.g. gateway port openings, Web access to specific URLs

· Work with local IT teams to certify external support providers based on security processes

· Manage the review / approval / submission and tracking of firewall and Risk Acceptance requests related to projects throughout the division.

· Manage responses to security events / alerts from internal  systems.

· Review new security technologies and recommend them for implementation.

· Collaborate with Corporate Security team to ensure compliance with EU and US government regulatory requirements (i.e. EU data privacy law and Sarbanes-Oxley).

Skills / Competencies Required:

· Good interpersonal and communication skills, with ability to coach and influence effectively in an international context

· Knowledge of Information Security (data security, security architecture, security auditing, security operations & administration)

· Knowledge of Information Risk Management (risk / control frameworks, risk assessment processes)

· Knowledge of business applications in the Financial Services industry; Platforms should include legacy, midrange, client / server and personal computing

· Knowledge of enterprise-wide networking from a security perspective

· Knowledge of electronic commerce from both a business and technical perspective

· Written and oral communication skills (enterprise architecture frameworks, technical policies and standards)

· Working knowledge of the following technologies:

· Microsoft NT / 2000 / 2003

· Solaris

· Firewall multi-layer design and implementation

· Router access list / packet filtering

· WANs, LANs

· Internet, Intranets and network protocols (i.e., telnet, ftp, TCP/IP and etc.)

· Enterprise Security management tools

· Security assessment software, Intrusion detection systems

· Virtual Private Network (VPN)

· Encryption, Public Key Infrastructure (PKI)

· Information security practices.

· CISCO security features as implemented on WAN/LAN devices

Experience Required:

· Minimum of 4 years managing a multi country / site Security Organization

· Proven track record delivering multi country / site Security initiatives and projects

· Experience in system and network security audit, and information risk management

· CISSP, CISM or equivalent certifications or formal education including Bachelor / Masters in IT with concentration in Information Security

· Prior leadership experience is an advantage, with full project lifecycle experience

Call Lindsay O'Leary for further spec details 01 614 60 80