Cyber Security Specialist

Cyber Security Specialist

School/Unit: Corporate Services / IT

Post Title: Cyber Security Specialist

Post Duration: Full-Time, Specified Purpose (until 31st December 2028)

Grade: VII

Reports to: Head of IT

Salary: NCAD €60,611 - €78,795 * per annum

*Candidates should note that as per Department of Finance guidelines, entry will be at the first point of the salary scale and the rate of remuneration may be adjusted from time to time in line with government pay policy. Candidates should note that different pay and conditions may apply if, immediately prior to appointment, the appointee is a serving civil or public servant.

Annual Leave: Annual Leave will be 29 working days per annum. This leave is exclusive of public holidays.

Hours of Attendance: Working hours will be 35 hours per week (net of rest breaks).

Location: This position is based at NCAD, 100 Thomas Street, Dublin

This role is a specified purpose role funded by the Targeted Enhancement Fund (TEF), this funding is time-bound and the objectives of the funding are to:

• Provide targeted support for initiatives that are critical to the strategic development of NCAD.
• Contribute towards enhancement initiatives that will strengthen the performance of NCAD.
• To consolidate NCAD's position in the higher education landscape.
• Facilitate the development and/or continuation of initiatives that further national policy and priorities.

Role Purpose

The Cyber Security Specialist will be responsible for safeguarding NCAD’s information systems, data, and digital infrastructure. Following a number of years of capital investment in the infrastructure within the college we are moving forward with multiple cyber security projects and this role will support the IT Department in enhancing cyber security on campus. The role focuses on operational security management, incident response, risk mitigation, and the continuous improvement of the College’s cyber security posture in line with national frameworks and regulatory requirements.

Principal Duties and Responsibilities:

Security Operations & Monitoring

• Manage and maintain existing cyber security tools and systems in operation across NCAD.
• Act as the primary point of contact for Security Operations Centre (SOC) and Security Information and Event Management (SIEM) alerts.
• Perform detailed root cause analysis on all security alerts and incidents, ensuring appropriate remediation actions are implemented.
• Monitor threat intelligence feeds, vulnerabilities, and Common Vulnerabilities and Exposures (CVEs), ensuring timely response to emerging threats.
• Undertake any other such appropriate duties, which may be assigned from time to time by their Line Manager

Risk Management & Compliance

• Lead the implementation and ongoing development of the CIS Critical Security Controls within NCAD.
• Drive alignment with the Cyber Fundamentals Framework (once ratified by the National Cyber Security Centre Ireland) and compliance with NIS2 Directive requirements.
• Provide recommendations on future security solutions and improvements based on risk assessments and best practice.

Incident Response & Preparedness

• Lead the continuous improvement of the NCAD Cyber Incident Response Plan.
• Further develop and maintain incident response playbooks and runbooks.
• Plan and facilitate regular tabletop exercises to test organisational readiness and response capabilities.

Vulnerability Management

• Manage internal and external vulnerability scanning programmes.
• Coordinate and oversee third-party penetration testing activities.
• Track, prioritise, and ensure remediation of identified vulnerabilities.

Governance & Stakeholder Engagement

• Collaborate closely with IT teams to embed security best practices across all IT systems and infrastructure.
• Provide security guidance and input into new and ongoing IT projects.

Training & Awareness

• Promote a culture of cyber security awareness and responsibility across the organisation.

Undertake any other such appropriate duties, which may be assigned from time to time by their Line Manager

Mandatory Criteria

• Relevant third-level qualification in Cyber Security, Information Technology, or a related discipline.
• Significant experience in cyber security operations, incident response, or a related area.
• Strong knowledge of security frameworks (e.g., CIS Controls, NIST, ISO 27001).
• Experience with SIEM/SOC environments and vulnerability management tools.
• Excellent analytical, problem-solving, and communication skills.

Desirable Criteria

• Professional certifications (e.g., CISSP, CISM, CEH, CompTIA Security+).
• Experience working in the public sector or higher education environment.
• Familiarity with Irish and EU cyber security regulations and frameworks.

Closing Date: 11th May 2026