13 Vulnerability Assessment jobs in Ireland

Senior Associate, Information Security & Risk Management We are Grant Thornton. We go beyond business as usual, so you can too. Grant Thornton Ireland (GT) has nearly 3,000 people in 9 offices across Ireland, The Isle of Man, Gibraltar, and Bermuda, with a presence in over 145 countries around the world, and a global network of over 68,000 people At GT, we work as trusted advisors, bringing local knowledge and national expertise, with a global presence, to help businesses succeed - wherever they are located. We make business more personal by investing in building relationships and empowering our clients to make the right decisions for their organisation now and for the future. Whether that is working with the public sector to build thriving communities, with regulators and financial institutions to build trust, or with a diverse range of businesses to help them achieve their goals, Grant Thornton Ireland work hard to support clients to act on the issues that matter. At GT Ireland we don't just predict your future, we build it. A Career at GT Looking for a more fulfilling role in professional services? One where fresh thinking, collaboration and diversity are valued? At Grant Thornton we do things differently. What does this mean for you? A career in a more inclusive working environment, a more collaborative work culture, a more supported, flexible working role, more possibilities to grow and more opportunities to help shape the future for your clients. We respect and value your experience. And we want you to bring your authentic self to work and be at your best. It is how it should be. Grow with us At Grant Thornton, we care about our people and work hard to make you feel valued. If you are looking to deepen and develop your skills, knowledge, and experience throughout your career, then that is what you will get, and more. The Sr. Associate, Information Security position will be an integral member of the Governance, Risk & Compliance team. This role will be responsible for organizing and managing evidence for external audits. Work in Chief Information Security Officer (CISO) office under Director, Information Security Governance, Risk and Compliance. Successful candidate will have a good mix of security knowledge, understanding of industry best practice, and a demonstrated background in information security risk management. The candidate will be responsible for managing and responding to client security questionnaires, audits, and assessments related to the organization's information security posture. This role involves working closely with internal teams, clients, and external auditors to ensure the company's security practices align with industry standards and client requirements. The manager will also coordinate audit activities to ensure compliance with security frameworks and regulations. The ideal candidate: is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve. possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies. possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills are important attributes to succeed in this role. Successful candidate will develop strong relationships, collaborate across teams, coordinate multiple timelines, and manage complex, cross discipline projects. global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly. Responsibilities: Governance: Participate in development of IT & Security policies, standards, and controls. Develop and implement procedures and processes in area of ownership. Participate in annual control attestation. Measure and report on security metrics and key performance indicators. Respond to cyber insurance questionnaires based on implemented security controls, certifications, and policies. Risk & Compliance Management: Conduct security risk assessments to identify and mitigate risks. Collaborate with internal teams to design and implement mitigation strategies for identified risks. Establish a repository of standardized security questionnaire responses and ensure they are updated with the implemented security controls, certifications, and policies. Manage responses to client security questionnaires in a timely and accurate manner. Collaborate with internal teams (e.g., IT, legal, Information Security) to gather necessary documentation and information for client inquiries. Serve as the main point of contact for clients regarding security and IT related audit inquiries and responses. Engage with clients and third-party auditors in discussions around the organization's security posture. Prepare and provide evidence for security audits, ensuring all documentation is complete and accurate. Collaborate with control owners to create corrective action plans to ensure appropriate remediation efforts are implemented and completed in a timely manner. Identify opportunities to improve the efficiency and effectiveness of client questionnaire responses and audit processes. Continuously improve the organization's internal audit and compliance processes to meet client expectations. Communicate effectively with internal stakeholders, including IT, legal, compliance, and leadership, to ensure timely responses to audits and questionnaires. Provide recommendations to management regarding areas of improvement in security practices and compliance. Experience: 5+ years of experience in information security, with a focus on audit management. Experience with responding to security questionnaires and managing client audits. Experience in managing third-party audits and internal audit processes. Familiarity with compliance frameworks such as NIST, ISO 27001, and others. Experience using GRC tools and technologies in support of the assessment/audit process (One Trust, Security Scorecard, Bitsight, etc.). Demonstrated advanced verbal and written communication skills. Excellent project management and organizational skills, with the ability to handle multiple audits and client requests simultaneously. Excellent organization skills and be a self-motivated learner. Qualifications: Bachelor's degree in information security, Cybersecurity, Computer Science, Engineering or related field or equivalent work experience. CISA, CRISC, CISM, or CISSP certifications (one or more) preferred. Hands-on experience in conducting information security risk and compliance assessments. Life at GT Reward and benefits: Our reward and benefits are designed to create an environment where our people can flourish. We are committed to building a culture where our people have access to the necessary benefits to help promote a healthy lifestyle and thrive. Equity, diversity and inclusion At Grant Thornton, we provide equitable opportunities for all our colleagues. We are a responsible, sustainable business where equity, diversity and inclusion (ED&I) is at the forefront of our workplace culture agenda, and today, we continue to build and develop on our existing ED&I structure and strategy to meet our workplace culture needs. People are at the heart of our business and teams built with varied backgrounds, racial differences, cultures, sexual orientations, religious orientations, ages, gender identities, abilities and family types present diverse viewpoints, which need to be heard and valued. We are all at our best when we are able to be ourselves and we view integrity and authenticity as integral values to bring to our day-to-day work-life at the firm. We are excited to see the personality and perspectives you will bring to our team because we know we will all benefit from them. Diversity of thought, background and experience enables better decision-making, improves the quality of our delivery, and helps us to meet the needs of our clients. Our firm is built on people and their ideas, so we want to hear all the new perspectives and fresh thinking you have to offer. You form the bedrock of our firm's best-practice principles and we will champion you as leaders from day one. Recognition: We want to create a culture of recognition and celebrating success, by saying thank you to people who surpass our expectations and recognising the right values and behaviours. Our Shout Out recognition scheme is our way of highlighting and promoting achievements. Whether you simply want to say thank you, celebrate a special occasion or give an award for doing something exceptional, you can do all of this and more through the scheme. #IJ To be considered for this role you will be redirected to and must complete the application process on our careers page. To start the process click the Apply button below to Login/Register.

Audit Manager - Information Security & Risk Management We are seeking an experienced Audit Manager - Information Security & Risk Management to join a leading professional services firm. This role will sit within the Information Security and Risk Management function and focus on leading internal and external audits, risk management, and compliance initiatives. Key Responsibilities Plan, scope, and manage internal and external information security audits. Oversee audit processes, review findings, and develop practical recommendations. Support compliance with ISO 27001, SOC 2, NIST, GDPR, and other frameworks/standards. Conduct control testing and risk assessments across critical systems and processes. Partner with control owners to drive remediation, evidence collection, and compliance-by-design. Contribute to policies, procedures, and compliance reporting to leadership. Collaborate with cross-functional teams to deliver scalable governance, risk, and compliance solutions. Skills & Experience Proven track record in IT audit, information security, and risk management. Strong knowledge of frameworks such as ISO 27001, NIST 800-53, SOC 2, COSO, or HITRUST. Experience with regulatory requirements (e.g. GDPR). Proficiency in GRC tools and control testing. Strong analytical, organisational, and communication skills. Relevant certifications (CISA, CISM, CRISC, CISSP) desirable. Qualifications Degree in Computer Science, Engineering, or a related field (or equivalent experience). For more info contact Seamus at Reperio or apply through the link Reperio Human Capital acts as an Employment Agency and an Employment Business. Skills: Security Risk Management Audit

Audit Manager - Information Security & Risk Management We are seeking an experienced Audit Manager - Information Security & Risk Management to join a leading professional services firm. This role will sit within the Information Security and Risk Management function and focus on leading internal and external audits, risk management, and compliance initiatives. Key Responsibilities Plan, scope, and manage internal and external information security audits. Oversee audit processes, review findings, and develop practical recommendations. Support compliance with ISO 27001, SOC 2, NIST, GDPR, and other frameworks/standards. Conduct control testing and risk assessments across critical systems and processes. Partner with control owners to drive remediation, evidence collection, and compliance-by-design. Contribute to policies, procedures, and compliance reporting to leadership. Collaborate with cross-functional teams to deliver scalable governance, risk, and compliance solutions. Skills & Experience Proven track record in IT audit, information security, and risk management. Strong knowledge of frameworks such as ISO 27001, NIST 800-53, SOC 2, COSO, or HITRUST. Experience with regulatory requirements (e.g. GDPR). Proficiency in GRC tools and control testing. Strong analytical, organisational, and communication skills. Relevant certifications (CISA, CISM, CRISC, CISSP) desirable. Qualifications Degree in Computer Science, Engineering, or a related field (or equivalent experience). For more info contact Seamus at Reperio or apply through the link Reperio Human Capital acts as an Employment Agency and an Employment Business. Skills: Security Risk Management Audit

**_Job Title:_**
Information Security Compliance Specialist, PCI
**_Role Overview:_**
The Information Security Compliance Specialist is responsible for managing McAfee's information security compliance certifications, including maintaining McAfee's PCI DSS certification and supporting additional frameworks including SOC 2 Type II, ISO2700, NIST CSF and HIPAA.
This position is open in Ireland or USA; We will only consider candidates currently in Ireland or USA and are not offering relocation assistance at this time.
**_About the Role_** **_:_**
+ Managing McAfee's PCI DSS 4.0 compliance program.
+ Supporting additional compliance frameworks including ISO2700X, SOC 2 Type II and HIPAA.
+ Working with stakeholders across McAfee to facilitate internal compliance assessments aligned to industry standards including NIST CSF.
+ Working with stakeholders in Sales and Procurement to meet partner expectations, including responding to customer security requests and reviewing contractual agreements.
**_About You_** **_:_**
+ Ideal candidates will have a minimum of 5 years of experience in the same field.
+ PCI ISA or QSA.
+ Ability to conduct thorough security audits, including risk assessments to identify and evaluate security risks and compliance gaps.
+ Knowledge of cloud computing principles and best practices, with specific focus on cloud security controls, configurations, and monitoring tools.
+ Strong interpersonal and communication skills, with the ability to collaborate effectively with stakeholders at all levels of the organization to drive security initiatives and remediation efforts.
+ Strong project management skills and experience in managing security projects, including planning, execution, monitoring, and reporting on project progress and outcomes.
+ Please specify the versions of PCI you've worked with in your resume.
#LI-Remote
**_Company Overview_**
McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users' needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment.
**_Company Benefits and Perks:_**
We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
+ Bonus Program
+ 401k Retirement Plan
+ Medical, Dental, Vision, Basic Life, Short Term Disability and Long-Term Disability Coverage
+ Paid Parental Leave
+ Support for Community Involvement
+ 14 Paid Company Holidays
+ Unlimited Paid Time Off for Exempt Employees
+ 96 Hours of Sick Time and 120 Hours of Vacation for Non-Exempt Employees Accrued Each Year
We're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
The starting pay range for this position is 70, ,910.00. McAfee takes into consideration an individual's skillset, experience and location in making final salary determinations. For further details, please discuss with the Talent Acquisition Partner.
Please click here ( to view and download the Job Applicant Privacy Notice, which applies to all McAfee job applicants who are residents of the state of California.

Manager/Principal Cyber & Information Security - Dublin - Hybrid ICON plc is a world-leading healthcare intelligence and clinical research organization. We're proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development. We are currently seeking a Manager/Principal - Cyber & Information Security to join our diverse and dynamic team. As the Manager of Cyber & Information Security at ICON, you will bring strong technical skills to the team as per the key responsibilities detailed below. Key responsibilities will include: Manage complex operational security projects and solutions Handle operational security issues that require in-depth knowledge across multiple areas such as Network, Cloud, Application and Data Security Performing configuration review of security applications, systems, and services as required Continuously improve ICON's cyber detection and response capability Technical depth and knowledge across multiple areas including Endpoint Security, Network Security, Mobile Device Security - Development and / or governance of security solutions on endpoints and servers, mobile devices and the network e.g. firewalls, IDS/IPS, WAF. Data Security - Development and / or governance of security solutions for data security such as DLP and data classification & labelling tools Cloud Native Security - Designing and implementing security for cloud-based resources covering access management, data security, monitoring to ensure that they are aligned with business requirements Application Security - Embedding security within the development process using manual and automated security controls Support security architecture decisions Implement technical security controls and process improvements, collaborating on security roadmaps and strategies Cross functional team collaboration and co-ordination with Enterprise & Security Architecture, Innovation & Analytics, IT Operations and Cyber Resilience teams IT Operations and Software Development teams to design and build secure solutions and services in a standardized manner To be successful in the role, you will ideally have: Desire for role requiring both hands on expertise and working with other teams to achieve required outcomes Demonstrate a strong awareness of the current threat landscape. Experience building threat models and reviewing and / or configuring technical security or network solutions. Demonstrate a strong technical background in Enterprise Security controls and solutions covering one or more of Cloud, Application, Network, Mobile Device, Data Security and OS Certifications: Relevant certs e.g. SANS SEC4XX/5XX, ISC2 CISSP or equivalent Nice to have: Hands-on cloud experience, with one or more certifications Experience analysing or evaluating security solutions What ICON can offer you: Our success depends on the quality of our people. That's why we've made it a priority to build a diverse culture that rewards high performance and nurtures talent. In addition to your competitive salary, ICON offers a range of additional benefits. Our benefits are designed to be competitive within each country and are focused on well-being and work life balance opportunities for you and your family. Our benefits examples include: Various annual leave entitlements A range of health insurance offerings to suit you and your family's needs. Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead. Global Employee Assistance Programme, LifeWorks, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your family's well-being. Life assurance Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others. Visit our careers site to read more about the benefits ICON offers. At ICON, inclusion & belonging are fundamental to our culture and values. We're dedicated to providing an inclusive and accessible environment for all candidates. ICON is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here Interested in the role, but unsure if you meet all of the requirements? We would encourage you to apply regardless - there's every chance you're exactly what we're looking for here at ICON whether it is for this or other roles. Are you a current ICON Employee? Please click here to apply To be considered for this role you will be redirected to our careers page & prompted to create a jobseeker account here. To start the process, click the Continue to Application or Login/Register button below.

Manager/Principal Cyber & Information Security - Dublin - Hybrid ICON plc is a world-leading healthcare intelligence and clinical research organization. We're proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development. We are currently seeking a Manager/Principal - Cyber & Information Security to join our diverse and dynamic team. As the Manager of Cyber & Information Security at ICON, you will bring strong technical skills to the team as per the key responsibilities detailed below. Key responsibilities will include: Manage complex operational security projects and solutions Handle operational security issues that require in-depth knowledge across multiple areas such as Network, Cloud, Application and Data Security Performing configuration review of security applications, systems, and services as required Continuously improve ICON's cyber detection and response capability Technical depth and knowledge across multiple areas including Endpoint Security, Network Security, Mobile Device Security - Development and / or governance of security solutions on endpoints and servers, mobile devices and the network e.g. firewalls, IDS/IPS, WAF. Data Security - Development and / or governance of security solutions for data security such as DLP and data classification & labelling tools Cloud Native Security - Designing and implementing security for cloud-based resources covering access management, data security, monitoring to ensure that they are aligned with business requirements Application Security - Embedding security within the development process using manual and automated security controls Support security architecture decisions Implement technical security controls and process improvements, collaborating on security roadmaps and strategies Cross functional team collaboration and co-ordination with Enterprise & Security Architecture, Innovation & Analytics, IT Operations and Cyber Resilience teams IT Operations and Software Development teams to design and build secure solutions and services in a standardized manner To be successful in the role, you will ideally have: Desire for role requiring both hands on expertise and working with other teams to achieve required outcomes Demonstrate a strong awareness of the current threat landscape. Experience building threat models and reviewing and / or configuring technical security or network solutions. Demonstrate a strong technical background in Enterprise Security controls and solutions covering one or more of Cloud, Application, Network, Mobile Device, Data Security and OS Certifications: Relevant certs e.g. SANS SEC4 XX/5 XX, ISC2 CISSP or equivalent Nice to have: Hands-on cloud experience, with one or more certifications Experience analysing or evaluating security solutions What ICON can offer you: Our success depends on the quality of our people. That's why we've made it a priority to build a diverse culture that rewards high performance and nurtures talent. In addition to your competitive salary, ICON offers a range of additional benefits. Our benefits are designed to be competitive within each country and are focused on well-being and work life balance opportunities for you and your family. Our benefits examples include: Various annual leave entitlements A range of health insurance offerings to suit you and your family's needs. Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead. Global Employee Assistance Programme, Life Works, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your family's well-being. Life assurance Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others. Visit our careers site to read more about the benefits ICON offers. At ICON, inclusion & belonging are fundamental to our culture and values. We're dedicated to providing an inclusive and accessible environment for all candidates. ICON is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here Interested in the role, but unsure if you meet all of the requirements? We would encourage you to apply regardless - there's every chance you're exactly what we're looking for here at ICON whether it is for this or other roles. Are you a current ICON Employee? Please click here to apply To be considered for this role you will be redirected to our careers page & prompted to create a jobseeker account here. To start the process, click the Continue to Application or Login/Register button below.

Manager, Cyber & Information Security - Hybrid - Dublin, Ireland
ICON plc is a world-leading healthcare intelligence and clinical research organization. We're proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development.
**About the role:**
_Office Hybrid - 60% office-based in Leopardstown, Dublin 18; 40% remote._
We are currently recruiting an experienced and driven Information Security Manager to work across key functions within our Information Security program, with a focus on Third Party Risk Management (TPRM) and Governance, Risk & Compliance (GRC). Reporting to the Senior Director of Information Security, this role will be instrumental in assessing and managing supplier risk, responding to third-party incidents, and driving strategic enhancements to our TPRM framework. In addition, the role will support internal and external audit activities, client security assessments, and ensure ongoing compliance with our information security certifications.
**Key responsibilities will include:**
Third Party Risk Management (TPRM)
+ Lead and execute supplier risk assessments, including initial due diligence and ongoing monitoring.
+ Maintain and enhance operational processes related to supplier management and periodic reviews.
+ Collaborate with Procurement, Legal, Data Privacy and Business stakeholders to ensure alignment on third-party risk requirements and assessment outcomes.
+ Manage third-party security incidents, coordinating response efforts and remediation activities.
+ Maintain the third-party corrective actions register, treatment plans and ensure timely updates and closure.
+ Management of third-party continuous security monitoring and ratings platforms.
+ Drive strategic initiatives to mature the TPRM program, including continuous monitoring, automation, metrics, and reporting.
+ Perform TPRM activities in accordance with company policies and industry standard frameworks (e.g., ISO 27001, NIST CSF, CIS, Cloud Security Alliance).
+ Stay current on emerging information security threats, incidents, and trends, and assess their potential impact on the organisation and our suppliers.
Governance, Risk & Compliance (GRC)
+ Support internal and external information security audits, including evidence collection, coordination with control owners, and remediation tracking.
+ Respond to client security questionnaires and due diligence requests in collaboration with Sales and Business stakeholders.
+ Assist in maintaining compliance with information security certifications.
+ Contribute to the development and maintenance of security policies, standards, and procedures.
+ Perform GRC activities in accordance with company policies and industry standard frameworks (e.g., ISO 27001, NIST CSF).
+ Stay current on new or emerging information security standards and regulatory requirements.
**Desired Qualifications and Experience**
+ 8+ years of experience in Information Security, with a focus on TPRM and/or GRC.
+ Relevant certifications (e.g., CISM, CRISC, CISSP, ISO Lead Auditor/Implementer, SANS GCLD, SANS GSLC) are a plus.
+ Strong understanding of risk management frameworks and information security standards (e.g., ISO 27001, NIST, SOC 2, Cloud Security).
+ Experience managing supplier incidents, defining treatments plans and managing to closure.
+ Familiarity with audit processes and compliance reporting.
+ Demonstrate a strong awareness of the current threat landscape.
+ Ability to work independently and drive initiatives in a fast-paced environment.
#LI-Hybrid
#LI-MK2
**What ICON can offer you:**
Our success depends on the quality of our people. That's why we've made it a priority to build a diverse culture that rewards high performance and nurtures talent.
In addition to your competitive salary, ICON offers a range of additional benefits. Our benefits are designed to be competitive within each country and are focused on well-being and work life balance opportunities for you and your family.
Our benefits examples include:
+ Various annual leave entitlements
+ A range of health insurance offerings to suit you and your family's needs.
+ Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead.
+ Global Employee Assistance Programme, LifeWorks, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your family's well-being.
+ Life assurance
+ Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others.
Visit our careers site ( to read more about the benefits ICON offers.
At ICON, inclusion & belonging are fundamental to our culture and values. We're dedicated to providing an inclusive and accessible environment for all candidates. ICON is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here ( in the role, but unsure if you meet all of the requirements? We would encourage you to apply regardless - there's every chance you're exactly what we're looking for here at ICON whether it is for this or other roles.
Are you a current ICON Employee? Please click here ( to apply

**Who We Are**
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
**The Role**
Kyndryl is the world's largest provider of IT infrastructure services.
**Europe Regulatory Office Mission:** Responsible for the implementation, administration, and oversight of a regulatory and governance program supporting our compliance with EU DORA, NIS 2 and UK CTP Regime.
**Job Summary:** Senior Lead, Risk Management and Controls will be responsible for identifying relevant, regulated accounts and onboarding them to our regulatory compliance program. This role involves participating and coordinating governance activities across first, second, and third lines of defense functions ensuring an integrated approach to compliance. Additionally, the role includes performing regular reviews and controls assessments to identify improvements and track progress as well as playing a key role in regulator examinations. The ideal candidate will have strong skills in risk management, communication and IT security control frameworks.
**Key Responsibilities** **:**
+ Account Identification: Identify relevant, regulated customers, using automation where possible, and provide guidance to those account teams in the onboarding process.
+ Governance: Establish, participate and coordinate governance activities across first (Delivery/Accounts), Second (Security Assurance, Business Controls), and Third (Corporate Audit) lines of defense driving alignment and establishing best practices.
+ Reviews and Controls Assessments: Perform regular reviews of governance/risk activities (MSAC, QCM, SOC) as well as ICT security controls assessments. Design improvements where appropriate and track implementation.
+ Risk Management: Develop and implement risk management strategies to mitigate potential threats and vulnerabilities.
+ ICT Security Controls: Leverage knowledge of ICT security control frameworks to enhance security measures on regulated accounts and infrastructure.
+ Collaboration: Work closely with various stakeholders (BC, CAS, CISO, S&R, Delivery) on cohesive risk management practices.
+ Reporting: Develop, prepare and present appropriate compliance metrics and reporting to senior management and exam teams.
**Who You Are**
Qualifications/Skills:
+ Strong understanding of ICT security control frameworks (NIST; ISO 27002)
+ Excellent analytical, and communication skills.
+ 7+ years experience with corporate governance and related activities.
+ Strong understanding of risk management principles and practices.
+ Ability to work collaboratively with cross-functional teams.
Preferred Certifications/experience:
+ Project Management Professional (PMP)
+ Certification in Risk and Information Systems Control (CRISC)
+ Certified Information Security Manager (CISM)
**Being You**
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.
**What You Can Expect**
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.
**Get Referred!**
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.
Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

About Northern Trust: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. Role/ Department: This role is part of Cybersecurity Third Party Risk Management team within 1st Line of Defense; The candidate will be conducting security risk assessment on new and existing Northern Trust's third parties' business partners. Ensuring proper preventative and detective controls are in place and prepare recommendations to strengthen control weaknesses. The candidate will combine deep subject matter expertise in both cybersecurity and assurance disciplines and have exceptional communication and stakeholder management skills. The key responsibilities of the role include: Information Security Governance and Risk Management Access Control Vulnerability and Penetration Network Security Application Security Cryptography Security Architecture and Design Operations Security Business Continuity and Disaster Recovery Planning Legal, Regulations, Investigations and Compliance Physical and Environmental Security Cloud Security Knowledge of regulatory requirements and guidelines relating to Cyber Security, Information Security, Business Resilience and Business Continuity Management. Knowledge on risk treatment and issues management functions and industry tools to support the program. Knowledge of security controls considering factors like data protection, access controls, network segmentation, digital technologies such as Artificial Intelligence (AI) Experience in securing the cloud networking and hybrid configurations. Participate in cyber incident responses to provide guidance related to cyber security risks and control assurance. Foster a positive and collaborative environment. Flexibility, multi-tasking, good business judgment skills are required to meet competing priorities. Contribute to automation, analytics, and continuous improvements of processes. Demonstrate ability to work well in both an individual contributor and team capacity. Skills/ Qualifications: Excellent written and verbal communication skills. Attention to detail. Experience working in global, cross-functional, collaborative teams. In-depth understanding of information security, network management, operating systems, software development, database systems and information technology. Knowledge and awareness on NIST Cyber Security Framework, Center for Internet Security (CIS), ISO etc. is a plus. Knowledge of technology controls around Cloud Computing reviews. Advanced experience with MS Office, SharePoint, and Reporting tools Working with Us: As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at . We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.