Title: Information Security AnalystType:PermanentLocation:CorkMy client is looking to hire a Information Security Analyst for a brand new team based in Cork. You will have circa 5+ years exp for this this role and you will report into one of the most engaging DPO / CISO's in the country. The InfoSec Analyst will support the organisation's Governance, Risk, and Compliance (GRC) function, helping to ensure that information assets, systems, and data are protected while enabling business transformation and innovation. This is an excellent opportunity for motivated professionals with experience in information security, IT risk, governance, or data protection to further develop their careers within a large, complex enterprise environment.THIS IS A BRAND NEW ROLE WITHIN A BRAND NEWLY FORMED TEAMTHIS IS VERY MUCH A IT RISK / GRC FOCUSED ROLETHIS ROLE IS CORK BASEDONSITE 2-3 DAYS PER WEEKKey Responsibilities:Develop, implement, and maintain the organisation's GRC framework.Support the creation and maintenance of security and privacy policies, standards, and procedures.Act as a security and risk subject matter expert for IT and business projects, including defining security requirements.Support internal and external audits, including preparation, evidence gathering, and remediation tracking.Manage and track risk assessment activities and remediation actions to completion.Produce management information, metrics, and reports as required.Conduct technical and procedural risk assessments of systems, applications, and business processes.Define and assess security controls for new systems and transformation initiatives.Evaluate third-party vendors from an IT and cyber risk perspective.Support governance of security standards and frameworks (e.g. ISO 27001, NIST).Maintain risk registers and support ongoing risk exposure management.Promote a strong security and risk-aware culture across the organisation.Monitor and assess compliance with internal policies, standards, and regulatory requirements.Support GDPR and privacy compliance activities, including third-party management.Assist with Data Protection Impact Assessments (DPIAs) and compliance reviews.Support engagement with regulatory authorities where required (e.g. breach notifications, investigations).Assist with PCI DSS compliance and attestation activities.Review evidence of compliance from third parties and internal stakeholders.Key Experience:Ideally have 5+ years experience in IT Audit, IT Risk, GRC etc…Privacy or security certification (e.g. IAPP, CIPP, CISSP) or equivalent relevant experienceExperience in information security, IT risk, governance, or data protectionStrong understanding of security and data protection regulations and frameworks (e.g. GDPR, ISO 27001, NIS)