Information Security Officer – ICT and Business Services

Closing date for applications: 15/08/2022

Role summary

The Information Security Officer role is based within the ICT & Business Services (ICTBS) department reporting to the ICT Manager.  

The responsibilities of the Information Security Officer include the design and enforcement of policies and procedures that protect the organisation's computing infrastructure from security breaches and data loss. The role involves identifying vulnerabilities and working with various parties to resolve them to ensure that the organisation’s network and data remain secure.

The Information Security Officer will primarily focus on proactive vulnerability and threat management activities, including monitoring and testing security controls, researching emerging threats, and assessing vulnerabilities to assist in aligning security practices/standards to maintain and improve the security posture of the HPRA network and business systems in line with the Digital Transformation Strategy. The Information Security Officer will work closely with the ICT Manager and the Application Development Manager and maintain active working relationships with colleagues and stakeholders across the HPRA and the European network.

Key responsibilities

Strategic Management

  • Research and maintain knowledge of the IT threat landscape, security trends, regulatory requirements, new technologies and best practices in order to provide pragmatic security advice to stakeholders.

  • Collaborate with security partners/vendors, IT management, developers, and software providers to develop and maintain a holistic security strategy and appropriate remediation plans.

  • Collaborate with development teams, product owners, architecture, IT, business, vendors and other stakeholders to investigate risk remediation controls.

  • Recommend the implementation of effective controls to support defined security policies and standards.

  • Establish, maintain, and improve logical access management practices for all users (Generic, User, Service and Privileged)

  • Develop an awareness training plan that is fit for purpose, aligned with strategy and considers a range of risk data points e.g. audit findings, risk and control self-assessments, IT Security risk assessments, emerging threats and risks, and incidents.

  • Contribute to the development and delivery of the HPRA’s overall Digital Transformation Strategy and focus IT security activities to support the overall organisation strategy.

 

For more information please refer to the role profile below. Applications should be submitted via the HPRA Recruitment Portal.


Role Profile                Application form



« Back