Munster Technological University (MTU) is a multi-campus technological university, contributing to the region through the provision of academic programmes that support student development and opportunities, education, and research. MTU has an extensive and impressive regional footprint with six campuses across the South-West region in Cork and Kerry, and a student body of 18,000. MTU is seeking a person with suitable experience to fill the role of Cyber Security Governance, Risk & Compliance Manager in our Risk and Compliance team within the MTU IT Services department. MTU is embarking on some major transformation projects over the coming years and needs to recruit suitable expertise to assist with this transformation. Location, level, and relationship within management structure: This post can be based in either the Cork or Kerry Campus but will involve some travel between both campuses. The successful candidate will be reporting to the Head of IT Security, based in the MTU Kerry campus. Duties and responsibilities of the position: Develop, implement, and maintain a robust IT governance, risk, and compliance framework in line with industry best practices and regulatory requirements. Drive risk maturity through project lifecycle and provide independent assessments, challenge inherent risks in material changes e.g., business decisions, projects, process changes, implementation of new systems, applications, and infrastructure. Assist with ongoing risk assessments, internal and external vendor audits, compliance, and governance checks. Establish relevant controls and assurance program to perform periodic IT Services compliance reviews and reporting of operating environment (e.g., operations, applications, third party suppliers) to determine compliance to relevant polices, legal and industry best practices. Work closely with faculty, procurement, HR, and facilities, etc. to identify cybersecurity framework compliance baselines from industry, legislative requirements, and organisation objectives. Ensure all relevant current and future MTU, public sector, legal obligations are implemented and maintained. Drive the continuous automation and management of third-party risk management using technology and data-enabled solution. Manage third party engagement across various risk domains and streamline assessments with automation where possible. Prepare reports, update policies, procedures and other materials as required by relevant stakeholders and submit the same to Head of IT Security. Lead internal and external engagements relevant to IT services, ensuring adequate stakeholder engagement and transparency throughout. Ensure continuous improvement of the GRC (Governance, Risk & Compliance) function based on a thorough knowledge of operational service management, governance, risk & compliance management best practices. Manage and motivate team members through leading by example and being an integral part of the MTU cybersecurity team. Manage and expand existing/new cybersecurity applications to maintain a high level of Compliance with global best practices The successful candidate will have as follows: Essential: A relevant Third Level Qualification and/or Advanced industry certification in cybersecurity, audit and/or risk management. AND Significant work experience within various IT service/operations management, cybersecurity, audit and/or risk management environments/industries. Desirable: Strong knowledge of regulatory requirements, frameworks, and industry standards e.g. NIST, ISO27001, CIS, ITIL, PCI DSS, NIS, NIS2, GDPR. Experience in the development, delivery and management of large scale, multi-site IT governance, risk, and compliance environments. Knowledge and experience in cybersecurity escalation and/or incident management. Proven knowledge of general IT, cybersecurity, and cloud technologies, including enterprise cybersecurity monitoring and management platforms and tools. Proven knowledge of industry best practices, standards. cybersecurity frameworks, and regulatory compliance requirements. Demonstrated abilities around teamwork, communication, collaboration, reporting and documentation. Outstanding capacity to be an SME, who can be influential, drive change and serve as an effective member of the cybersecurity team. Able to communicate cybersecurity-related concepts and requirements to a broad range of technical and non-technical staff within the organisation. Demonstrated ability to prioritise tasks and ensure delivery of cybersecurity related services, policy, and processes. Exceptional interpersonal, communication and negotiation skills, with the ability to consult effectively with both internal and external stakeholders, to proactively identify and solve cybersecurity compliance issues. Important Notes: Screening and short-listing only takes place on the basis of information submitted on the application. In addition to the minimum criteria, it may be necessary to introduce further shortlisting criteria. Candidates should note that they may be called for more than one interview. Please ensure that full information is given on qualifications and that the information is accurate and corresponds to the original transcript of qualifications. Please ensure that those you nominate as referees are contacted by you and will be able to supply a reference without delay, if requested. The University regrets that it cannot pay expenses for candidates attending interviews for this post or for taking up the position, if appointed. Applications received after the closing date will not be accepted. Appointments will be subject to Garda vetting. Application Process: The University operates an online recruitment system. Applications will not be accepted in any other format. All applications must be made via the eRecruitment system. Please log on for more information and to apply for this position. The information given in this document is of a general information nature only and should not be taken as contractual. Closing date for receipt of completed applications is 1.00pm on Friday, 9 January 2026. MTU is an equal opportunities employer. Skills: Relevant Essential Qualifications Significant work experience in IT/Cybersecurity Proven knowledge of industry best practices