Back to Current Vacancies

Information Security and Project Support

Role Objective

The Information Security Engineer will be responsible for the planning, deployment, and delivery of security measures to protect the Coillte’s networks, systems, and applications and ensure the appropriate controls are in place to protect business information and data from unauthorized access, deliberate attack, theft and corruption. This will also include the ongoing management, monitoring, audit and reporting on the various Information Security controls.

Terms and Conditions

 

Contract: Permanent

Reports to: ICT Enterprise and Security Architect

Location: Newtownmountkennedy

Responsibilities

Security Governance & Standards

  • Assist with formulating and implementation of Information Security policies, and to manage and maintain the Information Security Management System (ISMS)
  • Assist with development of relevant BCP plans for IT & business from an Information Security perspective.

Security Operations

  • Responsible for configuring & deployment of a variety of security technologies to monitor and respond to current and emerging cyber threats.
  • Help to detect and prevent cyber-attacks which includes working hand in hand with Coillte’s Security Operations Centre (SOC) team and other associated Security Partners as appropriate.
  • Develop & monitor Key Risk Indicators (KRI) & Key Performance Indicators (KPI), relating to the information security controls of the business.

Security Incident Management

  • Ownership & management of the Information Security Incident Management Process.
  • Support the management and reporting of incidents & any follow-up actions, agreeing the required actions & ensuring that all required actions are carried out as required.
  • Ensure that Security Incidents managed & closed out as required including escalation of incidents as appropriate within agreed timeframes.

Cyber Risk Management

  • Oversight & reporting on all risks pertaining to information security, including all forms of cyber risk & all risks relating to the protection of personal data throughout the business.
  • Conduct Data Protection Impact Assessments (DPIA) to identify risks arising out of the processing of personal data demonstrating compliance with current GDPR and other associated data protection laws.
  • Assist in the assessment of risk to the security of information, assets, and personnel.

Customer Information Security Management & Training

  • Engage with business units to help and guide them in their decision making with respect to Information Security elements of the product/service design.
  • Support Digital Subject Access Requests (DSAR), Freedom of Information (FOI) and any other requests for sensitive personal and business data as required by the public or internal business units.
  • Support the ICT Disaster Recovery (DR)/Business Continuity processes for the various business units.
  • Provide information security awareness, education, and training.

ICT Technical Services Project Delivery

  • Participate in various support/delivery roles on a range of ICT infrastructure projects as appropriate.

Behavioural Competencies:

  • Drive for Results: Conscientious, diligent, and hard-working individual with a drive to exceed goals and push self and others towards high levels of performance.
  • Communication & Collaboration: Excellent interpersonal skills to build effective relationships ability to actively listen and negotiate with staff, contractors, and stakeholders.
  • Problem-Solving: Proactive in identifying issues, working on own initiative to reduce complexity and increase efficiency our security processes.
  • Attention to Detail: Good ability to deliver accurate and timely data and information.
  • Organised: A highly organised individual that can prioritise and execute several operational initiatives. Ability to work on own initiative and willingness to take on ownership of tasks.
  • Decision-making: The capacity to make good decisions and ability to work with relevant 3rd parties as appropriate.

Technical/Professional Competencies:

Essential:

  • FETAC Level 7 or 3rd Level qualification in IT
  • Minimum of at least 2 years’ experience in Information Security environment
  • Knowledge of information security and risk control frameworks such as NIST Cyber Security, COBiT, ISO 27001 etc
  • Experience in the configuration and deployment of a range of security tools and solutions
  • Project Delivery – Experience working on projects using the Prince2 or PMI methodologies.

 

Desirable:

  • Completed Training and/or qualifications in any of CISSP/CISM/MCP/CompTIA or recognised equivalents.
  • Experience in Information Systems such as Office 365/Microsoft Exchange, Active Directory, Firewalls, Network, Storage, SIEM, DR, Immutable Backup solutions, Cloud Services
  • IT Service knowledge: Experience of ITIL service management framework & processes would be advantageous.

Our Values

  • Respect
  • Simplicity
  • Empowerment
  • Outward Looking
  • Responsible

Applications

Closing date for applications is 4pm Thursday 5 October 2023. Please submit your cv to forestrecruitment@coillte.ie

Coillte is proud to be an equal opportunities employer. We are committed to providing an inclusive and diverse workplace for all which builds upon our core values and fosters a positive work environment where EVERYONE can bring their true self to work and achieve their full potential.

If for any reason you would like us to make any supports or accommodations to help you in making your application please contact us at forestrecruitment@coillte.ie.

Your application details will be stored for a period of 14 months in line with the Data Protection Act 1988, Amended 2003, and the General Data Protection Regulation (Regulation (EU) 2016/679, and used solely for the purposes of your application for employment within the Company. For more information on the processing of your personal data please see our Data Protection Policy and Privacy Policy.