Board Chief Executive

Dublin, Ireland

Title : Information Security Analyst

Location: Dublin / Kilkenny

Dept : Risk Management

Risk Management currently have a full time permanent vacancy for the role of Information Security Analyst. The successful candidate will be responsible for satisfying the technical security and risk due diligence requirements of our corporate group schemes and the management and provision of all information security related training throughout the Vhi group.

Responsibilities will include but are not limited to:
  • Manage the satisfactory and timely completion of external security and risk questionnaires including the collation of the required evidence and to make that available to the requesting party via on-site visit by requestor, Webex or other collaboration tool, requester’s portal or secure e-mail
  • Work with IT Security, IT and other relevant Vhi departments to assist in the completion of questionnaires and evidence gathering where a subject matter expert is required
  • Create and manage a database of previous security and other related questions and evidence
  • Maintain this database in an up to date way e.g. request and replace quarterly pen test evidence with the most recent reports available
  • Maintain a log of items not satisfied at the time for any requesting party and ensure these are completed by the relevant Vhi stakeholders as agreed with the requesting party
  • Continuously seek ways to automate all or any of the above
  • Identify relevant topics for the annual security awareness campaigns
  • Identify appropriate computer based training software to deliver these topics
  • Create an annual plan for targeted security awareness training throughout the Vhi group
  • Report on completion rates of all of the above to the Information Security Manager and local management as appropriate
  • Maintain, and as required, update/rewrite the Vhi Information Security Induction training module and ensure all new users complete this module
  • Constantly monitor for emerging security threats where Vhi business could be negatively affected
  • Carry out planned and ad-hoc ethical phishing campaigns on all and targeted users
  • Carry out other information security and risk related work as required

  • A third level qualification or equivalent in an area underpinning ICT
  • A security professional qualification e.g. CISSP
  • Minimum 3 years’ relevant experience of applying/managing information security controls in a similar business environment
  • Good knowledge of information security control frameworks
  • Experience in designing and deploying security awareness training across a large organisation
  • Strong organisational skills with excellent attention to detail
  • Excellent team-working and performance management skills
  • Excellent interpersonal skills including the ability to influence across the organisation and externally and to effectively engage with a variety of stakeholders
  • Demonstrated alignment to the Vhi values.