Higher Executive Officer – ICT Security Lead

MAIN DUTIES AND RESPONSIBILITIES:

The main duties and responsibilities will include:

■ Participating in all areas of operation of an ICT Team.

■ Project Managing complex multi-disciplinary ICT projects and providing leadership on the delivery of ICT services throughout the HSA.

■ Acting as a senior internal ICT specialist and primary point of coordination for information security, leading where necessary in the delivery of solutions to complex technical issues.

■ Developing and implementing security policies, protocols, and procedures. This involves creating a comprehensive list of controls, including policies, processes, and measures, to protect systems and data from threats.

■ Ensuring that all necessary technical controls related to information security are implemented to minimise the risk to the HSA’s data assets from cybercrime.

■ Securing network, cloud and digital assets: Overseeing the continuous monitoring and protection of all ICT systems. Evaluating suspected security breaches and recommending corrective actions. Documenting and assessing the impact of any security breaches.

■ Maintaining the ICT Risk Log.

■ Performing regular security audits and assisting in the implementation of any recommendations arising.

■ Participating in Incident Response tabletop exercises. Managing and coordinating the response to information security incidents.

■ Continuously reviewing and improving HSA’s ICT Continuity / Recovery approach.

■ Managing the HSA’s Security Steering Group (SSG), ensuring the group meets, minutes are maintained, and all requirements for the committee to operate are provided for.

■ Ensuring high-level ICT security standards are maintained and continually improved, e.g., NIST, NIS2, National Cyber Security Baseline Standards.

■ Cyber awareness training: Procuring, implementing, and leading the delivery of information security awareness and training.

■ Ensuring continuous self-education and development in matters relating to the position.

■ Actively participating in the annual business planning, risk management, and Performance Management Development System (PMDS) processes.

■ Vendor management: Successfully managing and coordinating with associated vendors, auditors, and consultants.

■ Possessing a high degree of initiative and being able to work both as an individual and as a team member. Managing workload effectively within the team to ensure that the targets set for ICT are achieved.

■ Other duties as may be assigned from time to time.

Essential Requirements

■ NFQ Level 7 Degree in Computer Science, Information Technology or other relevant area.

■ Minimum of 3 years’ ICT experience in a medium to large size organisation.

■ Project and/or vendor management experience.

■ Knowledge of vulnerability management software.

■ Desire to develop a career in the area of Security.

■ Excellent Communication and Collaboration skills.

■ Excellent organisational and time management skills with strong attention to detail.

Desirable Requirements

■ NFQ Level 8 in Computer Science, Information Technology or other relevant qualification.

■ Knowledge of and experience in NIS2, NCSC baseline standards ISO22300 and/or 27000 Standards.

■ CISM, CISSP, CompTIA Security+ ISO 27002 or other relevant Security qualifications.

■ Experience with Azure/0365, Microsoft Defender, Sophos XDR and application control, Fortinet, SIEM, AD/ADFS.

■ Familiarity with ITIL.

■ Project Management qualification.

Conditions of Service

Tenure

Appointment from this competition will be a full-time permanent Higher Executive Officer grade in the public service following successful completion of an eleven-month probation period.

Salary

For persons paying Class A rate of PRSI contributions, the scale is as follows:

€58,847 €60,567 €62,285 €64,000 €65,723 €67,437 €69,157 €71,637¹ €74,112²

Long service increments may be payable after 3 (LSI-1) and 6 (LSI-2) years satisfactory service at the maximum of the scale.

The starting salary will be at the minimum point of the scale and the rate of remuneration will not be subject to negotiation.

Appointments arising from this competition are subject to Section 52, of the Safety, Health and Welfare at Work Act 2005 and any other Act for the time being in force relating to the Authority.

Note: Different pay and conditions may apply if, immediately prior to appointment, the successful candidate is already a serving civil or public servant.

The rate of remuneration may be adjusted from time to time in line with government pay policy.

Probationary Period

On appointment, the appointee will serve an 11 month probationary period. Prior to the end of this probationary period, a decision will be made on substantive appointment to the position.

Location

This role can be based in the Authority’s Dublin HQ or in one of the regional offices as may be agreed by the Authority and the candidate. The role will have a nationwide remit. The Authority reserves the right, at its discretion, to change the primary location to any other place within Ireland.

Hours of Attendance

Hours of duty will be subject to the exigencies of the post but will not be less than 41 hours 15 minutes gross or 35 hours per week, Monday to Friday, excluding luncheon intervals.

The successful candidate will be required to work such additional hours from time to time as may be reasonable and necessary for the proper performance of his/her duties subject to the limits set down in the working time regulations.

The rate of remuneration payable covers any extra attendance liability that may arise from time to time.

Annual Leave

29 days per annum exclusive of the usual public holidays, rising to 30 after 5 years’ service.

This allowance is subject to the usual conditions regarding the granting of annual leave in the public service and is based on a five-day week.