We are looking for a Senior IT Security Engineer to support all technology-related security and compliance issues across the organization including information security, privacy, disaster recovery, business continuity, supplier reviews, user access and data integrity.
You will work closely with Sales, Customer Success and Legal departments on IT Security related matters in the areas of Customer / prospect review, audit and RFPs.
You will also work closely with the technology and development teams on the implementation of policies, procedures and controls to ensure that the organization's practices remain compliant with industry best practice standards.
This role will cover a broad range of responsibilities, from implementations and supporting security technologies, to creating policies, procedures and facilitating workshops for our end users.
The value you will deliver
- You will work with the Sales, Customer Success and RFP support teams on issues relating to Information Security in response to both Customers and Prospects evaluation of Workhuman.
- You will manage the Third Party / Supplier review program ensuring that all new suppliers / potential suppliers meet minimum security standards and work with existing suppliers to improve their Information Security stance.
- Work with internal communications / HR staff to develop, plan, implement and delivery ongoing Information Security awareness and privacy training across the organization including the development of metrics
- Develop and implement a program of reviews / measurements to provide assurance of compliance with policy (to include application / system reviews, User access reviews, Firewall rules reviews etc.)
- Create and rollout appropriate Information Security / IT policies as required. Review existing policies and their implementation.
- You will add your voice to the identification and documentation of risks and where necessary the development and management of mitigations
- You will work with and guide business areas on the development and testing of practical BCP plans for each department
- Provide technical input to all implementations / development solutions ensuring industry best practice standards are adhered to by all
- Work with the teams to implement a meaningful set of monitoring / metrics from IDS / File integrity checking / Logs to ensure good visibility of network activity. Refining the results according to the current threat landscape
- Manage a regular external and Internal Scanning / Pen Testing program to provide assurance for both management and customers of the security status of the environments and make such testing an integral part of the SDLC
- You will research, evaluate, test and implement security products as required.
The skills you will bring
- 5+ years of IT experience, with three years in an information security role or managing security technologies.
- A respect for the quality of your work, and how the quality of your work directly impacts your team, the wider organisation and our customers.
- A diploma or degree in Computer Science or IT related discipline or equivalent is desirable.
- Have acquired or be in the process of acquiring a security certification E.G. CISA, CISSP or GISP:GIAC, CEH, CHFI or other security related technology certifications. A cloud certification would be beneficial.
- A solid understanding of industry best practice standards such as International Standards Organization (ISO)2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
- Familiarity with applicable legal and regulatory requirements, including, but not limited to, GDPR, Privacy Shield, PCI-DSS, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA) and PIPEDA is desirable.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, management and business personnel.
- Strong project management skills and experience in creating and managing project plans.
- Strong analytical skills to analyse security requirements and relate them to appropriate security controls. Ability to provide innovative solutions to issues and problems.
- Up to date industry knowledge and participation in industry forums to ensure knowledge of the latest threat vectors etc.
- Knowledge of risk frameworks / methodologies is desirable.
- Knowledge of Agile development methodologies.
- An understanding of operating system, network protocols and cloud technologies to include a good knowledge of Active Directory, IP addressing, Log management, IDS / IPS, file integrity software and firewall technologies.
- Experience in security testing (vulnerability scanning and penetration testing) and application security testing.
- 25 days annual leave, increasing with years of service
- Company plan VHI Health Care & Dental cover for employee and dependencies
- A Pension commencing after probation period
- Participation in Workhuman’s employee recognition programs
- Discounted gift certificates
- Discounted TaxSaver Travel cards/free car parking (subject to availability)
- Income Protection
- Life Assurance
- Access to our Tuition Reimbursement Scheme
- Access to Workhuman University
- Additional ‘perks’ - Free breakfast cereal, fruit, tea/coffee, fantastic catered events and wellness activities throughout the year etc.
At Workhuman, we love what we do because we’re shaping the future of work through our people and our technology. Our human cloud-based applications are helping some of the world’s leading global brands connect culture to shared purpose. The Workhuman Cloud empowers employees to thank, talk and celebrate each other, creating an environment that sparks gratitude and human connection while increasing employee engagement and productivity.
Did you know:
- We have an award winning culture, we were #1 Great Place to Work in Ireland 2019 medium-sized workplace, #4 in the 2020 Ireland large-sized workplaces and were named as one of Irelands Best Workplaces for Women 2020 by Great Place to Work
- There are currently over 4.5 million users on Workhuman® across 160 countries.
- Our core values are; Respect, Determination, Innovation and Imagination.