The Health and Safety Authority (HSA) are seeking a Higher Executive Officer: ICT Security Lead.
Location: This role can be based in the Authoritys Dublin HQ or in one of the regional offices as may be agreed by the Authority and the candidate.
The role will have a nationwide remit.
The Authority reserves the right, at its discretion, to change the primary location to any other place within Ireland.
Key Responsibilities will include: Participating in all areas of operation of an ICT Team.
Project Managing complex multi-disciplinary ICT projects and providing leadership on the delivery of ICT services throughout the HSA.
Acting as a senior internal ICT specialist and primary point of coordination for information security, leading where necessary in the delivery of solutions to complex technical issues.
Developing and implementing security policies, protocols, and procedures.
This involves creating a comprehensive list of controls, including policies, processes, and measures, to protect systems and data from threats.
Ensuring that all necessary technical controls related to information security are implemented to minimise the risk to the HSAs data assets from cybercrime.
Securing network, cloud and digital assets: Overseeing the continuous monitoring and protection of all ICT systems.
Evaluating suspected security breaches and recommending corrective actions.
Documenting and assessing the impact of any security breaches.
Maintaining the ICT Risk Log.
Performing regular security audits and assisting in the implementation of any recommendations arising.
Participating in Incident Response tabletop exercises.
Managing and coordinating the response to information security incidents.
Continuously reviewing and improving HSAs ICT Continuity / Recovery approach.
Managing the HSAs Security Steering Group (SSG), ensuring the group meets, minutes are maintained, and all requirements for the committee to operate are provided for.
Ensuring high-level ICT security standards are maintained and continually improved, e.g., NIST, NIS2, National Cyber Security Baseline Standards.
Cyber awareness training: Procuring, implementing, and leading the delivery of information security awareness and training.
Ensuring continuous self-education and development in matters relating to the position.
Actively participating in the annual business planning, risk management, and Performance Management Development System (PMDS) processes.
Vendor management: Successfully managing and coordinating with associated vendors, auditors, and consultants.
Possessing a high degree of initiative and being able to work both as an individual and as a team member.
Managing workload effectively within the team to ensure that the targets set for ICT are achieved.
Essential Requirements: NFQ Level 7 Degree in Computer Science, Information Technology or other relevant area.
Minimum of 3 years ICT experience in a medium to large size organisation.
Project and/or vendor management experience.
Knowledge of vulnerability management software.
Desire to develop a career in the area of Security.
Excellent Communication and Collaboration skills.
Excellent organisational and time management skills with strong attention to detail.
Desirable Requirements: NFQ Level 8 in Computer Science, Information Technology or other relevant qualification.
Knowledge of and experience in NIS2, NCSC baseline standards ISO22300 and/or 27000 Standards.
CISM, CISSP, Comp TIA Security+ ISO 27002 or other relevant Security qualifications.
Experience with Azure/0365, Microsoft Defender, Sophos XDR and application control, Fortinet, SIEM, AD/ADFS.
Familiarity with ITIL.
Project Management qualification.
How to Apply: Conscia will be managing all aspects of the recruitment process on behalf of the Authority.
You can submit your completed Application Form via Conscia Talent's website.
Please note that Cover Letters and CVs are not required and should not be submitted.
No enquiries or canvassing may be made to the Authority.
The closing date for completed applications is Thursday 4th December 2025 at 5pm (Irish time).
Applications will not be accepted on the online portal after this deadline.
Late applications will be ineligible for consideration.
Skills: ICT Security Cybersecurity