Location:
Dublin, Hybrid
Role Type:
Permanent
Compensation:
Competitive Salary & Benefits Package
Reports To:
Head of Technology / CIO
Department:
Cybersecurity, Infrastructure, Risk & Compliance
Experience Required:
10+ years
Role Purpose
The Senior Cybersecurity & Infrastructure Security Manager will play a key leadership role in delivering cybersecurity and information security assurance. This position combines strategic governance with hands-on technical capability, ensuring secure-by-design practices, robust cyber defence, and strong regulatory alignment across cloud, data, identity, and infrastructure environments. The successful candidate will lead policy, risk, security tooling, Microsoft Purview governance, incident response, and cyber assurance activities while embedding a strong security culture throughout the programme.
Key Responsibilities
Strategy, Governance & Risk
* Develop and maintain the programme's cybersecurity and infrastructure security strategy aligned with ISO 27001, NIS2, GDPR, CSF, CIS Controls, and regulatory requirements.
* Own and update security policies, standards, and operating procedures.
* Maintain an active cyber risk register and drive continuous maturity improvement.
* Produce clear, concise cyber and risk reporting for senior leadership and programme boards.
Security Operations & Incident Management
* Lead incident response and coordinate cross-functional actions during major security events.
* Maintain and improve incident response playbooks and escalation protocols.
* Oversee threat detection, monitoring, and response processes across EDR/XDR, SIEM, and vulnerability management tooling.
* Ensure timely remediation of vulnerabilities with clear SLAs.
Security Architecture & Technical Assurance
* Provide security design and risk assessments for new technology, applications, and infrastructure deployments.
* Support secure-by-design architecture reviews, including Azure, M365, identity, network, and data flows.
* Review and approve technical controls for identity governance (Entra ID), Conditional Access, MFA, segmentation, and endpoint hardening.
Microsoft Purview - Data Governance Leadership
* Lead the design, deployment, and governance of Microsoft Purview across the organisation.
* Configure and manage core Purview capabilities such as:
* Sensitivity labels & label policies
* Data Loss Prevention (DLP)
* Data classification & trainable classifiers
* Insider Risk Management
* Retention & Records Management
* eDiscovery and audit capabilities
* Monitor Purview alerts and collaborate with HR/Legal where necessary.
* Ensure Purview policies align with GDPR, Data Protection Act 2018, ISO 27001 Annex A controls, and organisational data handling standards.
Tooling, Monitoring & Infrastructure Security
* Administer and optimise the organisation's cybersecurity tooling stack:
* Microsoft Defender (Endpoint, Identity, O365, Cloud Apps)
* SIEM (Microsoft Sentinel or equivalent)
* Vulnerability management (TVM/Nessus/Qualys)
* Identity governance and privileged access (Entra ID / PAM)
* Build automation and response playbooks using Logic Apps / automation rules.
* Maintain baseline configurations for Windows, Azure, and M365 workloads.
Culture, Awareness & Training
* Deliver continuous security awareness campaigns and targeted training sessions.
* Run phishing simulations and role-based threat education.
* Promote a strong, proactive security culture across technical and non-technical teams.
Reporting & Performance Measurement
* Track and report cyber KPIs including:
* Vulnerability SLAs
* MFA/Conditional Access compliance
* Purview data governance metrics
* Incident response times
* SOC/SIEM alert posture
* Produce quarterly cyber assurance updates for senior leadership and audit committees.
Required Skills & Competencies
Technical
* Strong hands-on experience with Microsoft Security stack (Defender, Sentinel, Entra ID).
* Practical experience deploying and managing Microsoft Purview.
* Solid understanding of Azure security architecture, identity governance, endpoint hardening, and secure cloud operations.
* Deep familiarity with SIEM, EDR, vulnerability management, and security monitoring.
* Ability to review logs, alerts, CA policies, identity events, and network/security configurations.
Professional
* Strong communication skills and ability to present risk to executives.
* Proven leadership in complex or multi-year transformation programmes.
* Ability to influence partners, vendors, and stakeholders at all levels.
* Pragmatic, decisive approach to balancing security with business deliverables.
Qualifications & Experience
* 10+ years' experience in cybersecurity, information security, or infrastructure security.
* Experience in programmes involving cloud-first or large-scale digital transformation.
* Degree in Information Security, Computer Science, Engineering, or equivalent experience.
* Preferred certifications:
* CISSP, CISM, CISA
* SC-100, SC-200, SC-400
* ISO 27001 Lead Implementer/Auditor
* Experience with GDPR, Data Protection Act 2018, and other regulatory expectations.