556 Senior Security jobs in Ireland
Information Security Specialist
Posted today
Job Viewed
Job Description
Our client is looking for a
Cloud and Compliance Specialist
to join their team in Dublin for an 11 month hybrid position (3 days on site, 2 days remote) 
Responsibilities:
- Support significant programs of work across various levels of XFNs in Cloud Security and Cloud GRC areas.
- Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact.
- Designing, implementing, and/or assessing security controls and frameworks
- Implement maturity frameworks across multiple programs factoring in emerging regulations and proactive detection of risks.
- Assess and document emerging regulatory impact on established policy and control frameworks
- Identify, communicate, and collaborate with relevant stakeholders within one or more teams to drive impact and work toward mutual goals.
- Establish learnings, best practices, standardized frameworks and tools across GRC and related teams.
- Develop detailed program/project plans in partnership with XFN teams.
- EU Security Office - Document compliance positions for NIS 2 and RED, support SRA delivery
- Cloud Security GRC - Conduct deep-dives into Cloud environments; document GRC-driven positions, and look for opportunities to improve Cloud Security Posture
Requirements:
- At least 5-7 years in Information Security.
- Deep and demonstrable familiarity with key Cloud Security, Risk Management and Compliance concepts Several years
- (5+) of hands-on security experience with at least one of the major CSPs (AWS, GCP, Azure)
- Experience in a GRC function overseeing Cloud implementations at scale
- Experience in designing and implementing control frameworks
- Experience in assessing security deficiencies in information systems and recommending mitigating controls in a corporate environment
Benefits:
- Competitive salary
- Healthcare contribution and inclusion in company pension scheme
- Work laptop and phone
- 25 days annual leave (pro-rata) plus paid bank holidays
- Expanding workforce with potential for career progression for top performers
Sr. Information Security Engineer
Posted today
Job Viewed
Job Description
About Us
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. 
How We Work
At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.
Corporate Overview
Proofpoint is a leading cybersecurity company protecting organizations' greatest assets and biggest risks vulnerabilities in people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint for people-centric security and compliance solutions mitigating their most critical risks across email, the cloud, social media, and the web. 
We are singularly devoted to helping our customers protect their greatest assets and biggest security risk their people. That's why we're a leader in next-generation cybersecurity. Protection Starts with People. #Proofpoint.
The Role
We are looking for a highly skilled and experienced Information Security Engineer with a strong focus on Cloud/Data Centre Security Automation and DevSecOps to join our Security Engineering team. 
In this role, you will lead initiatives to design, build, and scale cloud/data centre security automation from first principles, enabling secure-by-default infrastructure and secure software delivery pipelines. You will also bring deep hands-on experience with tools such as Tenable, Wiz, Veracode, Splunk and apply your expertise in scripting, infrastructure-as-code (IaC), and cloud-native security practices to improve posture, visibility, and response.
Based in Cork, Ireland this key role will drive key Cloud/Data Centre security initiatives for Proofpoint Product portfolio. This role offers a unique opportunity to own security automation strategy, shape DevSecOps pipelines, and influence the future of scalable security tooling in a fast-moving engineering environment.
Key Responsibilities
- Design and build automated cloud security controls using Terraform, CI/CD, and scripting (Python, Go)
- Develop and scale infrastructure-as-code (IaC) security validation pipelines
- Integrate and manage platform such as Tenable, Wiz, Veracode, Splunk etc. to orchestrate and automate security scans across infrastructure and application layers
- Architect, build, and maintain security data pipelines to ingest, normalize, and analyze telemetry at scale
- Build and support tools for asset inventory management, EDR deployment at scale, and compliance-driven discovery
- Develop custom logic for automating remediation and enrichment of scan results
- Collaborate with Engineering, DevOps, and GRC teams to integrate security controls into the SDLC and cloud deployments
- Lead or contribute to threat modelling, risk assessments, and architecture reviews
What You Bring To The Team
- Extensive experience in Security Engineering, Cloud Security, or DevSecOps roles
- Thorough understanding of AWS, Azure, or GCP security models, IAM, and threat surfaces
- Proven ability to build cloud-native security automation using Terraform (IaC), CI/CD tools and pipelines, Python/Go/Bash
- Compliance knowledge with a grasp of NIST 800-53, and other regulatory frameworks
- Experience building Enterprise-scale Asset management systems or platforms, EDR tooling deployment at scale, Security data pipelines and analytics frameworks
- Experience with API-based integrations, webhooks, event-driven security automation
- Excellent communication and collaboration skills with the ability to drive cross-functional initiatives
Beneficial Experience
- Experience with SIEMs, SOAR, or threat intel platforms
- Experience with container security (e.g., Docker, Kubernetes, Falco, Trivy)
- Familiarity with Secret Management (Vault, AWS Secrets Manager)
- Exposure to managing Network IPS/IDS systems (such as Stamus/Suricata)
- Exposure to compliance programs such as FedRAMP, SOC 2, or PCI-DSS
- Certifications CISSP, CSSLP, GWAPT, or equivalent are a plus
Why Proofpoint
Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly 'culture-add', and we strongly encourage people from all walks of life to apply. 
We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. Apply today and explore your future at Proofpoint
Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us
- Competitive compensation
- Comprehensive benefits
- Learning & Development We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
- Flexible work environment (Remote options, hybrid schedules, flexible hours, etc.).
- Annual wellness and community outreach days
- Always on recognition for your contributions
- Global collaboration and networking opportunities
Our Culture
Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to How to Apply Interested? Submit your application here https We can't wait to hear from you
Staff Information Security Engineer
Posted today
Job Viewed
Job Description
About Us
We are the leader in human-centric cybersecurity. Half a million customers, including 87 of the Fortune 100, rely on Proofpoint to protect their organizations. We're driven by a mission to stay ahead of bad actors and safeguard the digital world. Join us in our pursuit to defend data and protect people. 
How We Work
At Proofpoint, you'll be part of a global team that breaks barriers to redefine cybersecurity, guided by our BRAVE core values Bold in how we dream and innovate, Responsive to feedback, challenges, and opportunities, Accountable for results and best-in-class outcomes, Visionary in future-focused problem-solving, Exceptional in execution and impact.
About Proofpoint
At Proofpoint, we are committed to protecting organizations and individuals from cyber threats through innovative security solutions. Our mission is to safeguard our customers from advanced threats, phishing attacks, and data breaches with cutting-edge technology and a global team of security experts. 
Role Overview
We are seeking an experienced
Staff Information Security Engineer
to join our global security team in Cork, Ireland. This is a critical role within our
Cyber Incident Response Team (CIRT)
, responsible for managing and responding to security incidents across our global operations. You will serve as an
escalation point for our 24/7 Security Operations Center (SOC)
and play a key role in the automation, orchestration, and enhancement of our security incident response capabilities. 
This position requires deep expertise in cybersecurity, strong analytical skills, and the ability to work collaboratively in a fast-paced environment. If you thrive in a role where you can actively
defend against cyber threats, conduct threat hunting, and drive security automation
, this opportunity is for you. 
Key Responsibilities
- Incident Response & Escalation 
- Act as the L3 escalation point for high-severity security incidents within the global 24/7 SOC. 
- Lead complex investigations into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats.
- Provide expert-level guidance on containment, mitigation, and remediation strategies. 
- Threat Hunting & Threat Assessment 
- Proactively hunt for hidden threats within enterprise networks using threat intelligence and behavioral analytics. 
- Develop and refine threat detection rules to improve SOC visibility.
- Assess emerging threats and provide actionable recommendations to enhance security posture. 
- Security Automation & Orchestration 
- Design and implement automated workflows to enhance security event triage and response. 
- Leverage SOAR (Security Orchestration, Automation, and Response) platforms to streamline incident response.
- Work with SIEM (Security Information and Event Management) tools to optimize log ingestion and alerting mechanisms. 
- Security Tooling & Continuous Improvement 
- Collaborate with security architects and engineers to enhance detection and response capabilities. 
- Perform root cause analysis on security incidents and recommend improvements to security controls.
- Stay updated on industry best practices and evolving attack techniques to ensure effective defenses.
Required Qualifications & Experience
- Extensive hands-on experience in Cybersecurity Incident Response or Security Operations.
- Strong background in SOC operations, SIEM, threat intelligence, and digital forensics.
- Expertise in investigating malware, phishing, web attacks, insider threats, and advanced persistent threats (APTs).
- Experience working with security automation and orchestration tools (SOAR).
- Familiarity with scripting languages such as Python, PowerShell, or Bash for security automation.
- Strong understanding of MITRE ATT&CK framework, TTPs (Tactics, Techniques, and Procedures), and cyber kill chain.
- Hands-on experience with cloud security (AWS, Azure, GCP) is a plus.
- Certifications such as GCIH, GCFA, CISSP, CISM, or OSCP are highly desirable.
- Ability to work in a fast-paced, global environment and collaborate with cross-functional teams.
Why Proofpoint
Protecting people is at the heart of our award-winning lineup of cybersecurity solutions, and the people who work here are the key to our success. We're a customer-focused and a driven-to-win organization with leading-edge products. We are an inclusive, diverse, multinational company that believes in culture fit, but more importantly 'culture-add', and we strongly encourage people from all walks of life to apply. 
We believe in hiring the best and the brightest to help cultivate our culture of collaboration and appreciation. If you're an experienced governance and compliance leader with a passion for building teams and driving security excellence, we'd love to hear from you
Apply today and explore your future at Proofpoint
Why Proofpoint? At Proofpoint, we believe that an exceptional career experience includes a comprehensive compensation and benefits package. Here are just a few reasons you'll love working with us
- Competitive compensation
- Comprehensive benefits
- Learning & Development We are committed to the growth and development of our team members, offering a range of programs including leadership and professional development workshops, stretch project assignments, and mentoring opportunities to help employees reach their full potential.
- Flexible work environment (Remote options, hybrid schedules, flexible hours, etc.).
- Annual wellness and community outreach days
- Always on recognition for your contributions
- Global collaboration and networking opportunities
Our Culture
Our culture is rooted in values that inspire belonging, empower purpose and drive success-every day, for everyone. We encourage applications from individuals of all backgrounds, experiences, and perspectives. If you need accommodation during the application or interview process, please reach out to How to Apply Interested? Submit your application here https We can't wait to hear from you
Information Security Officer
Posted today
Job Viewed
Job Description
The Information Security Officer will play a key role in promoting cybersecurity best practices and ensuring regulatory compliance across two closely aligned business units. The position focuses on IT risk management, policy alignment, security operations, and user access governance, helping to protect systems, data, and users while enhancing the overall security posture. This is a mid level role.
Key Responsibilities:
IT Risk Management
- Identify, assess, document, and treat IT risks across systems, infrastructure, and processes.
- Maintain and update risk registers and Level 1 controls.
- Lead risk assessments, remediation efforts, and control improvement.
Policy & Compliance
- Ensure alignment with global and regulatory security standards (ISO 27001, NIST, GDPR).
- Enforce IT security policies and support audit and compliance readiness.
Security Operations
- Respond to and manage IT security incidents and escalations.
- Oversee identity and access management, including privileged access and user reviews.
- Deliver organisation-wide security awareness training.
Reporting & Governance
- Produce dashboards and reports detailing risk exposure and control effectiveness.
- Provide regular updates to management and leadership.
Candidate Profile:
Experience:
- Minimum 3 years in IT risk management, cybersecurity, or compliance.
- Proven ability to work across multiple teams or business units.
Skills:
- Familiar with security frameworks (ISO 27001, NIST), IT general controls, and GDPR.
- Strong analytical, organisational, and communication skills.
- Ability to explain technical risks in simple, business-focused terms.
Qualifications (Desirable):
- Degree in IT, Cybersecurity, or a related field.
- Security certifications such as ISO 27001, CISM, or CompTIA Security+.
What the Role Offers:
- Flexible working and a balanced work environment.
- Ongoing training and professional development support.
- Competitive salary with performance-based bonus.
- Strong internal culture focused on innovation, learning, and collaboration
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security (InfoSec) Analyst
12 month fixed term ( very likely to go longer)
Location:
Dublin West - 3 Days on site, Dublin West outside of the M50 
Eligibility:
Open to candidates who do
not 
require visa sponsorship 
Stamp 1G (Spouse), Stamp 1G (Graduate, 12+ months remaining), Stamp 4 or EU passport holders.
We're looking for an Information Security Analyst to join a growing Cyber Security team, playing a key role in strengthening the organisation's security posture.
This role focuses on risk management, compliance, documentation and preparation for the upcoming NIS2 Directive.
Reporting into a Senior Information Security Manager, you'll help ensure the confidentiality, integrity and availability of data across a complex vendor ecosystem.
It's a hands-on governance and assurance role with a strong focus on vendor compliance, policy development and the continuous improvement of security controls and practices.
About You
- Previous experience in Information Security, Risk Management or Compliance.
- Previous experience vendor risk and third-party compliance.
- Excellent communication and stakeholder management skills.
- Knowledge of GDPR, ISO/IEC 27001 or NIS2 requirements. (Not a major thing if you don't)
- (Bonus) Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer.
Key Responsibilities
- Support audits, assurance activities and evidence collection for compliance frameworks.
- Conduct and maintain risk assessments to identify and address threats and vulnerabilities.
- Collaborate across Legal, Compliance and IT to embed effective security governance.
- Foster a strong security and compliance culture across the organisation and partner network.
- Monitor and improve third-party/vendor compliance obligations.
This is a great role someone who has wants to grow their experience in security, governance, vendor risk and compliance
Information Security Architect
Posted today
Job Viewed
Job Description
Our Dublin based client is looking for an Information Security Architect to join their team. This role requires technical expertise in security architecture combined with proven consultancy experience. This is a daily rate contract role offering excellent daily rates.
Key Responsibilities:
- Design, document, and maintain enterprise-level security architectures, reference models, and security controls frameworks.
- Align security architecture with business and IT strategies, ensuring consistency across on-premise, cloud, and hybrid environments.
- Act as a trusted advisor to senior stakeholders, translating business needs into secure technology solutions.
- Deliver workshops, assessments, and security briefings to executive and technical audiences.
- Provide independent security consultancy to multiple projects and programmes simultaneously.
- Develop business cases and roadmaps for security improvement initiatives.
- Lead risk assessments, threat modelling, and security gap analyses for projects and existing systems.
- Guide IT and development teams in implementing secure architectures and controls.
- Oversee the selection and deployment of security tools and technologies.
- Support incident response, forensic investigations, and remediation planning when required.
Essential Experience:
- 5+ years of professional experience in Security Architecture.
Educational Requirements:
- Degree in Computer Science, Information Technology, or a related discipline.
Benefits:
- Competitive daily rate.
Information Security Architect
Posted today
Job Viewed
Job Description
Senior Information Security Architect
. 
Contract position - Dublin
Realtime are looking for a
Senior Information Security Architect
. You will be responsible for crafting and executing a comprehensive security strategy. You will lead the development of security architecture, policies, and processes, ensuring compliance and addressing emerging threats. Your role will be crucial in minimizing risks and safeguarding the company's operational capabilities and reputation. This is an exciting opportunity to develop and implement security strategies and lead form the front. 
Skills & Responsibilities:
- Proven experience in cybersecurity, developing/ implementing security strategies & policies.
- Strong experience implementing Zero trust architecture (ZTA)
- Extensive experience of IT security practices and standards.
- IT security technologies: encryption, authentication, EDR, XDR…
- Experience implementing multi-factor authentication.
- GDPR compliance and security best practices.
- Experience working with 3rd party suppliers to conduct penetration tests.
- Legal security requirements: Data Protection acts, PCI DSS, NIS2
- Security control frameworks: NIS2, ISO 27000, ENISA ISF, COBIT.
- Experience with risk assessment, incident management, and compliance.
- Create and implement security strategies, architectures, and policies.
- Lead IT security projects to enhance overall security posture.
- Develop and maintain IT security policies, standards, and guidelines.
- Work closely with managed security partners and oversee their services.
- Conduct IT security risk assessments and manage security-related incidents.
- Monitor and assess emerging threats and their potential impact.
- Develop materials to promote security awareness among staff.
- Ensure compliance with GDPR, health & safety, and other regulatory requirements.
- Implement secure design, threat modeling, & security control frameworks: NIS2, ISO27000.
If you are interested send your CV to
Be The First To Know
About the latest Senior security Jobs in Ireland !
Information Security Analyst
Posted today
Job Viewed
Job Description
Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.
Summary of This RoleEvaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures and systems, including hardware, firmware and software . Ensures that IS security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security . Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. Investigates and resolves security incidents and recommends enhancements to improve security. Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents.
What Part Will You Play?- Gains and maintains knowledge of how to monitor complex systems and response to known and emerging threats against the Global Payments network via intrusion detection software
- Assists in detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events.
- Under close supervision performs incident handling process by gaining knowledge in implementation of containment, protection and remediation activities.
- Gains and maintains knowledge of new and emerging threats that can affect the organization's information assets by assisting in analysis of third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective
- Under close supervision designs and configures security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls.
- Assists in assessing and disseminating threats related to the enterprise in regard to current vulnerability by managing and developing an emerging threat model.
- Develops an understanding of how to assess risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online); gains knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA(health insurance portability and accountability act), PII(Personally Identifiable Information), and Card personalization.
- Gains knowledge of how to create cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software.
- Works under close supervision to perform day-to-day Information Security functions pertaining to numerous security software products and processes.
Minimum Qualifications
- Bachelor's Degree
- Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field.
- Typically No Relevant Experience Required
Preferred Qualifications
- Typically Minimum 2 Years Relevant Exp
- Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act), etc.))
- Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
- Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
- Supervision - Normally receives detailed instructions on all work.
- Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs
- Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.
- Incident Response - Knowledge and skills to contribute to all phases of Incident Response.
Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Analyst - Dublin
ICON plc is a world-leading healthcare intelligence and clinical research organization. We're proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development.
Information Security Analyst
At ICON, it's our people that set us apart. Our diverse teams enable us to become a better partner to our customers and help us to fulfil our mission to advance and improve patients' lives. 
Our 'Own It' culture is driven by four key values that bring us together as individuals and set us apart as an organisation: Accountability & Delivery, Collaboration, Partnership and Integrity. We want to be the Clinical Research Organisation that delivers excellence to our clients and to patients at every touch-point. In short, to be the partner of choice in drug development.
That's our vision. We're driven by it. And we need talented people who share it.
If you're as driven as we are, join us. You'll be working in a dynamic and supportive environment, with some of the brightest and the friendliest people in the sector, and you'll be helping shape an industry.
The Role
We are currently recruiting for an Information Security Analyst to work in the Governance, Risk & Compliance segment of our Cyber Security Team. This is a really great time to join this division as it is undergoing significant development and you will be joining at a time of exciting change with lots of opportunities for growth and development. 
Responsibilities
- Perform activities in the support of one or more information security management practices, such as security compliance, security risk assessment and management, security policy management.
- Ensure activities are performed in accordance with company policies and industry standard frameworks (e.g., NIST CSF, NIST RMF and ISO
- Perform information security risk assessments, security compliance continuous monitoring, and/or various regulatory or contractual compliance activities.
- Work with other key stakeholders (e.g., quality assurance, legal, data protection office, business continuity, and other information technology business units) to ensure the organization analyzes and communicates information security risks and status of controls compliance effectively.
- Participate in the development of training and communication materials for key stakeholders of the process within your area of control or expertise.
- Advise and educate stakeholders on managing cybersecurity risks and information assurance activities in accordance with ICON's policies and procedures.
- Participate in authoring and reviewing information security policies and procedures pertaining to information security risk management and information assurance activities.
- Assist in the development of reports relating to the effectiveness of the cybersecurity risk management and assurance program.
- Perform ancillary tasks to support the strategic mission and objectives of the Cyber and Information Security department, as needed.
- Research and stay current on new technical literature applicable to information security, risk management, and information assurance.
- Assist in the development of metrics relating to the Cybersecurity Risk Management and Assurance team's business functions/processes.
Desired Qualifications
- Working technical knowledge of industry best practices and commonly used frameworks & standards (e.g., NIST 800-53/171, COSO, SOC/SSAE 18, COBIT, ISO ,) and various regulations pertaining to information security, cyber risk management, compliance, and data privacy (e.g., SOX, GDPR, HIPAA, GxP/GALP/GMP).
- Prior experience using an integrated risk management tool (e.g., ServiceNow) and/or vendor risk management tool (e.g., Process Unity) is a plus.
- Possess basic-to-intermediate understanding of risks and controls pertaining to technical, management, and operations security controls, system development lifecycle, business continuity, disaster recovery, data center controls, cloud computing, third-party risk management and privacy.
- Holds a CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor or Implementer or similar certification; desirable but not required.
Minimum Requirements
- Fundamental relationship management and communications skills.
- Fundamental ability to solve problems and apply skills to determine risk or compliance deviations.
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Enterprise Risk Management or related field or equivalent experience and one year of risk management, cybersecurity, compliance or related experience (or combined equivalent education, training, and experience).
- Excellent written and verbal communication skills.
- Read, write and speak fluent English, with strong documentation and organizational skills.
Benefits Of Working In ICON
Our success depends on the quality of our people. That's why we've made it a priority to build a culture that rewards high performance and nurtures talent. 
We offer very competitive salary packages. And to keep them competitive, we regularly benchmark them against our competitors. Our annual bonuses reflect delivery of performance goals – both ours and yours.
We also provide a range of health-related benefits to employees and their families and offer competitive retirement plans – and related benefits such as life assurance – so you can save and plan with confidence for the years ahead.
But beyond the competitive salaries and comprehensive benefits, you'll benefit from an environment where you are encouraged to fulfil your sense of purpose and drive lasting change.
ICON is an equal opportunity and inclusive employer and is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know through the form below.
What ICON Can Offer You
Our success depends on the quality of our people. That's why we've made it a priority to build a diverse culture that rewards high performance and nurtures talent. 
In addition to your competitive salary, ICON offers a range of additional benefits. Our benefits are designed to be competitive within each country and are focused on well-being and work life balance opportunities for you and your family.
Our Benefits Examples Include
- Various annual leave entitlements
- A range of health insurance offerings to suit you and your family's needs.
- Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead.
- Global Employee Assistance Programme, LifeWorks, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your family's well-being.
- Life assurance
- Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others.
Visit our careers site to read more about the benefits ICON offers.
At ICON, inclusion & belonging are fundamental to our culture and values. We're dedicated to providing an inclusive and accessible environment for all candidates. ICON is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here
Interested in the role, but unsure if you meet all of the requirements? We would encourage you to apply regardless – there's every chance you're exactly what we're looking for here at ICON whether it is for this or other roles.
Are you a current ICON Employee? Please click here to apply
Information Security Governance
Posted today
Job Viewed
Job Description
COMPANY OVERVIEW
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR's insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR's investments may include the activities of its sponsored funds and insurance subsidiaries.
POSITION SUMMARY
KKR is seeking an Information Security Risk Analyst to join the Information Security Governance, Risk, and Compliance (GRC) organization. This role offers exciting opportunities for growth and impact as KKR scales its business and continues to innovate. This role will assist in identifying, assessing, and tracking cybersecurity risk across the organization. You will help manage risk issues, collaborate with business and IT stakeholders, and support ongoing risk and compliance initiatives. This is an excellent opportunity for candidates looking to grow their career in information security and risk management. You will also be looking over the horizon, identifying future needs and exploring leading edge solutions.
RESPONSIBILITIES:
Support Cyber Risk Management Activities
- Assist in conducting cyber risk assessments on internal systems, third-party vendors, and emerging technologies.
- Help document and track identified risks, mitigation plans, and risk acceptances.
- Monitor remediation efforts and follow up on open risk issues with stakeholders.
Stakeholder Engagement
- Participate in meetings with business and technical stakeholders to gather information, identify, communicate risk issues, and support decision-making processes.
- Collaborate with internal teams to communicate risk findings and support risk-based decision-making in projects, operations, and vendor engagements.
Risk Documentation & Reporting
- Maintain accurate risk registers and documentation using GRC tools or tracking systems.
- Contribute to the development of risk reports and dashboards for management and audit purposes.
Compliance & Policy Support
- Help ensure alignment with internal security policies, standards, and applicable regulatory requirements (e.g., SOX, GDPR, NIS2 etc.).
- Assist in documenting and maintaining security governance artifacts including policies, procedures, and control mappings.
Continuous Improvement
- Identify opportunities for improving risk processes, tools, and reporting.
- Stay current on cybersecurity trends, threats, and regulatory developments.
QUALIFICATIONS
- Bachelor's degree in Information Security, Information Systems, Computer Science, or a related field—or equivalent work experience.
- Foundational understanding of cybersecurity principles and risk management concepts.
- Strong written and verbal communication skills, especially with non-technical audiences.
- Ability to present ideas in a user and business-friendly manner
- Detail-oriented with outstanding organizational and documentation skills.
- Ability to work effectively in a team environment and build positive relationships.
- Team-player who enjoys working in a collaborative and collegial environment and is an active contributor as part of a global team
- Ability to work calmly under pressure and meet deadlines and solve problems requiring creativity, initiative and drive; self-motivated and enjoys a sense of pride in their accomplishments
- Strategic self-starter with an innovative mindset
KKR is an equal opportunity employer. Individuals seeking employment are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, or any other category protected by applicable law.