Skip to main content

Senior Information Security GRC, Architecture and Threat Analyst

About the Role

The role of the Senior Information Security GRC, Architecture and Threat Analyst is to ensure that existing and new services are securely implemented through the selection and use of appropriate controls and supporting processes. This position has responsibility for the development, maintenance and ongoing improvement in the areas of Information Security Governance, Risk, Compliance and Security Architecture. This is a wide ranging role covering multiple areas of Information Security.

Responsibilities

  • Assist with development of governance and compliance processes to provide oversight and reporting on key controls and risk measures

  • Proactively investigate and research new threats to the organisation and propose solutions/actions to mitigate.

  • Identify cybersecurity trends with regards to adversary tactics/methodologies, and techniques that could impact the organisation

  • Provide expert guidance on vulnerability mitigation strategies as part of our vulnerability management processes

  • Develop and maintain security standards, policies and processes to support the overall Security Strategy and associated frameworks

  • Conduct information security architecture and security control reviews to address the current and emerging information security and compliance requirements of the organization

  • Provide Level 3 support for security incidents and associated events that may arise out of SIEM alerting and other sources

  • Assist with the implementation of frameworks to measure security controls to ensure they are operating as needed, any deviations are known and resolved, improvements identified and implemented

  • Develop and prepare KPIs and KRIs to measure security controls effectiveness

  • Provide expertise, direction and guidance to operations teams when defining security controls to meet existing and future needs and in response to the changing threat landscape

  • Work collaboratively across multiple teams to ensure security controls are developed accordingly, working as designed and operating correctly

  • Assist with Security Architecture reviews and Threat Assessments against new and existing applications and services

  • Assist with security risk assessments and provide input into security and risk mitigation strategies

  • Support both internal and external audits as they arise as well as conduct reviews as required under the 3rd Party Supplier Risk Framework

Knowledge and Experience 

  • BSc in Computer Science or similar subject area

  • Relevant professional certifications a distinct advantage such as CISSP, ISSAP, CISA, CRISC, CISM, CGEIT

  • 5+ years’ experience in Information Security with a particular focus on GRC, Security Architecture, Threat Intelligence, Threat Modelling and Threat Assessments

  • Background working in Financial Services will be considered an advantage

  • Strong knowledge of Security Architecture and Zero Trust principles

  • Strong knowledge of conducting Security Threat, Vulnerability and Risk Assessments

  • Strong Knowledge of Cloud Security, Architecture, Governance and Compliance controls and processes

  • Good knowledge of the Mitre ATT@CK framework and protection strategies, advising on implementation of detection and prevention controls where possible

  • Good knowledge of frameworks and standards such as NIST, CIS, PCI-DSS, ISO27001:2013, PSD2

  • Good knowledge of security best practices in the SDLC and experience of implementing controls for same

  • Knowledge of working with DevOps practices in the areas of Security Governance, Risk, Automation, Collaboration, Compliance) is advantageous

Critical Competencies

  • Attention to detail

  • Communications

  • Initiative

  • Problem Solving and Analysis

  • Decision making/judgement

  • Influencing and gaining commitment

  • Technical/professional knowledge

About the Benefits
In addition to a highly competitive remuneration package as an An Post employee you will have access to a wide range of benefits including:

  • An Post Company Medical Scheme
  • Market leading Defined Benefit Pension Scheme
  • Cycle to Work Scheme
  • Tax Saver Travel Pass
  • City centre location in walking distance to all major transport services

How To Apply?
We encourage all interested candidates to submit a detailed CV to
Recruitment@anpost.ie by 5.00pm on 11th of December 2020.

 An Post is an equal opportunity employer, celebrating diversity and championing inclusivity. If you require any reasonable accommodations to assist you in participating in our employee selection process, please simply let us know. We welcome all interested parties to apply!
 
About An Post
An Post has successfully restructured the company into two world-class businesses, An Post Mails & Parcels and An Post Retail, each with its own management team and long-term strategy.
 
The Mails & Parcels Business is rapidly growing its eCommerce and mail marketing businesses, offsetting declining mail volumes, while still delivering the highest quality postal service to every home and business in Ireland. The business plays a fundamental role in Irish economic life as the backbone of eCommerce, making sure that communities across Ireland have the same access to goods as in major world cities.