Compliance & Risk Manager

Dublin North
25 Sep 2018
26 Oct 2018
Job role
Working for this service company, your daily roles and responsibilities will be:

Quality Assurance (QA) Management Systems
· To maintain certification to the ISO9001 and ISO14001 international quality standards
· To promote a quality assurance and continual improvement culture in all areas of the business
· To review process documentation to ensure adequacy and consistency are maintained
· To report to senior management and the client on the performance of the quality management system
· To perform internal audits, third-party audits and audits upon Client request
· To represent the Company during external compliance audits
· To oversee internal quality audits on all key processes within the business
· To perform risk assessments of business unit practices against selected Information Security control standards and previous audit results to identify gaps
· To ensure action plans are established to address risks identified and to follow up as necessary to ensure appropriate mitigation has been put in place

Enterprise Risk Management (ERM)
· To provide formal updates regarding risk through an annual risk review and through monthly Governance, Risk and Compliance (GRC) meetings
· To ensure an effective Risk Register is in place that proactively covers all key areas of the business, with action planning for risk mitigation and closing off of risks
· To promote an enterprise risk culture across all areas of the business
· Responsible for risk management and sign-off on all changes to core services and on all phases of new project implementation
· Responsible for documenting and continually maintaining the Business Continuity Plan (BCP), which covers all key activities of the business

Data Protection Compliance
· To ensure all operational processes are compliant with the General Data Protection Regulation (GDPR)
· To provide guidance and expertise to all levels of the business on data protection issues
· To perform data protection audits on the Company's key service providers (data processors) to ensure all service providers are complying with the GDPR
· Responsible for the regular testing of the BCP in line with the Disaster Recovery (DR) Plan

Information Security (IS) Management Systems
· Strategic planning, identification and implementation of initiatives related to Information Security across all areas of the business
· To maintain certification and continual improvement across the business to the ISO27001 Information Security Management System
· To maintain compliance to throughout the business
· To manage external vendors in their performance of controlled vulnerability scanning and penetration testing on applications, network protocols and databases
· To implement, document and ensure adherence to company Information Security policies, and to promote the application of best practice throughout the business
· To coordinate and perform technical security audits on the Company IT infrastructure to ensure sensitive data is stored and processed securely (e.g. firewall review, server hardening, access control, anti-virus, patch management, vulnerability assessments, incident response, etc.)

· 5+ years' working experience in quality and risk management for an Operation
· Senior stakeholder management and communication experience essential, particularly with multiple stakeholders
· Bachelor's or master's degree
· Knowledge of Information Security Management Systems, Payment Card Industry standards and Data Protection regulations is essential
· Knowledge of the ISO9001 Quality Assurance Standard and ISO14001 is desirable
· Certification to one or more of the following would be advantageous: CISA, CISSP, CISM, ISO27001 Auditor