Life Credit Union is a socially responsible financial institution dedicated to delivering exceptional value and service to our members, which we have been providing for over 55 years. Established in 1968, Life Credit Union is among the largest Credit Unions in Ireland with assets of 180 million euro and a membership base of over 38,000. We currently operate 4 branches in Main Street Naas; Monread, Naas; Maynooth and Newbridge. Offering a range of ethical financial services, membership is open to anyone living or working in Naas, Maynooth, Newbridge and surrounding areas. Our main services are savings accounts and flexible loans for members. As a Credit Union, we are different. The more members do business with us, the more we can give back to the community. We are a not-for-profit organisation, so the money we make goes directly back to our members. That's what sets us apart from our competitors. That's what makes us unique. We are committed to providing innovative financial services while ensuring the absolute security, privacy, and operational resilience of our members' data. Role Overview We are seeking a highly capable, Hands-On Information Security Officer to manage our day-to-day security operations and assist with our ICT compliance framework. This is a dynamic role in which you will actively manage our modern security stack (including CrowdStrike, Azure, and Microsoft Defender) while ensuring our operations strictly adhere to ISO 27001, PCI DSS, DORA, GDPR, the EU AI Act, and Central Bank of Ireland regulations. Key Responsibilities Technical Security Operations: Endpoint & Threat Management: Manage and monitor CrowdStrike Falcon Complete, utilizing Charlotte AI to investigate threats. Manage Defender for Email to prevent phishing and malware. Administer endpoint security and mobile policies via Microsoft Intune (MDM) and lead the technical Incident Management process. Cloud & Identity Security: Administer our cloud infrastructure, utilizing Azure Cloud Security, Defender for Cloud, and Enforcer Cloud Security. Manage Entra ID (formerly Azure AD), enforcing strict Identity and Access Management (IAM), Conditional Access, and MFA protocols. Network, Data Security & DLP: Manage corporate Firewalls, SD-WAN infrastructure, and secure VPN access. Oversee enterprise Encryption policies and handle lifecycle Security Certificate Management (SSL/TLS/PKI). Implement and manage Data Loss Prevention (DLP) policies (e.g., via Microsoft Purview) to safeguard sensitive member data and ensure the Cardholder Data Environment (CDE) is secure. Vulnerability & Threat Management: Lead proactive Vulnerability Management scanning and remediation efforts. Coordinate annual third-party Penetration Testing. Oversee Dark Web monitoring initiatives to proactively identify compromised corporate credentials or data leaks. AI Governance & Asset Management: Oversee the secure deployment and monitoring of Microsoft 365 Copilot. Maintain an accurate, secure Asset Management inventory across the organization. IT Compliance, Risk & Governance: Internal ICT Risk Management: Conduct regular Internal ICT Risk Assessments, identifying potential vulnerabilities, insider threats, and systemic risks. Own and maintain the Internal ICT Risk Register, ensuring mitigation strategies are implemented and tracked. Regulatory & Framework Compliance: Function as the subject matter expert for PCI DSS, the Digital Operational Resilience Act (DORA), GDPR, the EU AI Act, and Central Bank of Ireland (CBI) guidelines. Ensure all technical controls and data flows align with ISO 27001 standards. Process Governance: Oversee IT security workflows, ensuring strict adherence to established Incident and Change Management protocols to minimize operational risk. AI Risk Management: Assess and classify AI systems utilized by the Credit Union to ensure compliance with the EU AI Act, maintaining transparency for general-purpose AI and monitoring high-risk financial use cases. Security Culture: Manage the ongoing Security Awareness Training platform, deploying phishing simulations and educational campaigns to staff to mitigate human-centric internal risks. Audits & Reporting: Manage third-party vendor risk and prepare comprehensive technical, risk, and compliance reports for the Head of ICT. Requirements & Qualifications Experience: 3-5 years in a direct Information Security, Cyber Security, or SecOps role within a regulated environment. Technical Proficiency: Proven experience managing Microsoft Security Ecosystems (Azure, M365, Defender suite, Entra ID, Intune, Purview/DLP). EDR/XDR Experience: Direct experience with top-tier endpoint protection platforms (specifically CrowdStrike Falcon). Network & Infrastructure: Solid understanding of network architecture, cryptography/encryption, vulnerability scanning tools, and certificate management. Compliance & Risk Knowledge: Solid understanding of internal ICT risk management, Frameworks and relevant legal requirements e.g. NIST, ISO 27001, NIS2, DORA, GDPR, PCI DSS, EU AI Act, etc. Working knowledge of Service, Incident and Change Management processes. ITIL Foundation certification would be advantageous. Education & Certifications: Relevant Third Level Qualification, Industry certifications such as Microsoft Certified: Security Operations Analyst (SC-200), CISSP, CISM, CRISC (Certified in Risk and Information Systems Control), or CompTIA Security+ are highly advantageous. Soft Skills: Analytical mindset with the ability to translate complex technical threats into actionable business risks for the Head of ICT and non-technical leadership. The successful candidate will be required to satisfy the minimum competency requirements as set out in the Central Bank Guidelines, (QFA/APA). The Credit Union will provide financial support for the successful candidate to obtain this qualification if they do not have it currently. Life Credit Union aims to attract, recruit, and retain individuals with diverse backgrounds, skills, competencies, and abilities to work collaboratively to enhance the service we provide to all of the members we serve. #irishjobs