infoSec Consultant

Background

Zurich Dublin Technology Center is looking for an InfoSec Consultant

As an Information Security Consultant within Group Cyber and Security you will work with local, regional, and global IT, Service Providers and Zurich business functions to manage compliance, information security and IT risks to support the Business objectives of the Group.

As part of this role, you will provide subject matter expertise and consultancy to projects and initiatives of varying size and complexity, with a focus on embedding “security by design” whilst supporting innovation. You will also provide Information Security advisory and Information Risk based consultancy through multiple channels within Zurich. 

Your Role

As an InfoSec Consultantyour main responsibilities will include, but not necessarily be limited to, the following:

Provide consultancy to major projects and services on effective mitigation of risks, and controls implementation. Assist with complex projects to identify business and technical security requirements, design security controls and test their effectiveness. Apply and support IT security, risk, and compliance technologies. Carry out control assurance for IT Service providers. Provide regional support and co-ordination for audit and other assurance processes. Contribute to IT Security/IT risk frameworks that serve as a basis for regulatory compliance, internal control processes and management of IT Security and IT risk. Initiate and maintain IT Security and IT risk management procedures. Ensure compliance with IT related policies and regulatory requirements; develop plans to remediate compliance gaps. Facilitate and take part in regular global IT Security and IT risk/control assessment initiatives. Support security event monitoring and incident response processes Work with the adoption of new Digital technologies and platforms across Zurich

Your Skills and Experience

As an InfoSec Consultantyour skills and qualifications will include:

Bachelor’s Degree or equivalent in Computer Science or related subject Understanding of security requirements for cloud environments (predominantly PaaS & SaaS); experience with O365, Azure & AWS would be an advantage. Familiar with the concepts of Security by Design, DevSecOps and Infrastructure as Code Experience with technical components of a network infrastructure Good understanding of Information/IT governance and risk management Excellent communication skills, being able to take part in meetings and provide expert advice. Proven experience with common information security controls / management frameworks, such as the NIST Cyber Security Framework and ISO27000

Preferred Qualifications

Professional Security Qualification - CISSP, CCSP (or other similar cloud security qualification) Knowledge & Experience of working with new digital technologies & platforms. Experience as an Information/IT Security/Risk Consultant for International Companies Familiar with Agile project management methodologies

---