Job Search

About the Role

My client is seeking an experienced Security Control Assessor for a remote engagement. You will lead the assessment and evaluation of security controls across both on-premise and cloud environments-ensuring risk is effectively mitigated and regulatory and industry standards are met.

This role offers the chance to work in an agile environment at the forefront of information security and cloud governance, partnering with cross-functional teams and contributing to the evolution of my client's global security assurance programme.

Key Responsibilities

Lead design and delivery of repeatable testing methodologies for control assurance.

Oversee control testing across systems and processes, including automated testing for cloud.

Validate control effectiveness (design and operation) through structured fieldwork and documentation review.

Identify, document, and communicate control deficiencies with clear risk articulation and improvement recommendations.

Report findings to stakeholders and lead regular status updates.

Ensure high-quality documentation and testing accuracy through rigorous QA.

Drive efficiency across the control testing programme by standardising testing materials and tracking KPIs.

Skills & Experience

Experience in IT audit or security control assessments

Deep understanding of cloud environments (AWS, Azure) and associated security controls.

Familiar with frameworks like NIST 800-53, ISO 27001/2, COBIT, and CIS Controls.

Proficient in control testing tools and techniques (manual and automated).

Strong communicator with the ability to deliver findings to technical and non-technical stakeholders.

Experience with tools such as SailPoint, Rapid7, Wiz.io, MS Defender, RSA Archer, and ServiceNow.

Familiarity with agile methods and platforms like Jira and Kanban boards.

Desirable Qualifications

Professional certifications (e.g., CISA, CISSP, CISM, ISO 27001 Lead Auditor).

Strong data analysis skills and proficiency with tools like Excel, PowerBI, Tableau, or Alteryx.

Experience leveraging generative AI or automation to enhance audit/assurance work.

GCS is acting as an Employment Business in relation to this vacancy.

Read less

About the Role

My client is seeking an experienced Lead Security Control Assessor for a remote engagement. You will lead the assessment and evaluation of security controls across both on-premise and cloud environments-ensuring risk is effectively mitigated and regulatory and industry standards are met.

This role offers the chance to work in an agile environment at the forefront of information security and cloud governance, partnering with cross-functional teams and contributing to the evolution of Experian's global security assurance programme.

Key Responsibilities

Lead design and delivery of repeatable testing methodologies for control assurance.

Oversee control testing across systems and processes, including automated testing for cloud.

Validate control effectiveness (design and operation) through structured fieldwork and documentation review.

Identify, document, and communicate control deficiencies with clear risk articulation and improvement recommendations.

Report findings to stakeholders and lead regular status updates.

Ensure high-quality documentation and testing accuracy through rigorous QA.

Drive efficiency across the control testing programme by standardising testing materials and tracking KPIs.

Skills & Experience

8+ years in IT audit or security control assessments, with at least 3 years leading teams.

Deep understanding of cloud environments (AWS, Azure) and associated security controls.

Familiar with frameworks like NIST 800-53, ISO 27001/2, COBIT, and CIS Controls.

Proficient in control testing tools and techniques (manual and automated).

Strong communicator with the ability to deliver findings to technical and non-technical stakeholders.

Experience with tools such as SailPoint, Rapid7, Wiz.io, MS Defender, RSA Archer, and ServiceNow.

Familiarity with agile methods and platforms like Jira and Kanban boards.

Desirable Qualifications

Professional certifications (e.g., CISA, CISSP, CISM, ISO 27001 Lead Auditor).

Big 4 or large consultancy background preferred.

Strong data analysis skills and proficiency with tools like Excel, PowerBI, Tableau, or Alteryx.

Experience leveraging generative AI or automation to enhance audit/assurance work.

GCS is acting as an Employment Business in relation to this vacancy.

Read less

My client is hiring a Senior Data Protection Advisor to deliver expert data protection and privacy compliance services across a wide range of client organisations. This role involves leading advisory projects, ensuring GDPR and broader regulatory compliance, and supporting internal teams with practical, risk-based guidance. Reporting to a Service Manager or Practice Lead, the successful candidate will play a key role in managing data protection strategy, risk assessments, and client relationships.

Key Responsibilities
* Independently deliver client advisory work, including privacy notices, briefing papers, consent models, and policy reviews.
* Conduct data protection impact assessments (DPIAs), gap and risk analyses, and data mapping exercises.
* Review and draft data sharing agreements, transfer impact assessments (TIAs), and service-level agreements (SLAs).
* Apply peer review processes and quality controls to ensure accuracy and compliance.
* Identify and manage risks in privacy and data protection projects.
* Lead client-facing projects involving data governance and regulatory compliance.
* Build and maintain strong working relationships with clients and external stakeholders.
* Attend meetings, briefings, and site visits representing the privacy function.
* Draft reports, action plans, and project documentation.
* Mentor and support junior team members on privacy matters and project delivery.
* Coordinate project workflows, manage timelines, and ensure on-time delivery.
* Monitor developments in data protection regulation and translate into actionable business guidance.

Qualifications and Experience
* Postgraduate qualification (LLM, MSc) in law, information governance, or related field.
* Certification in data protection (e.g. CIPP/E, CIPM, or equivalent).
* Minimum 5 years' experience in data protection, privacy, or compliance roles.
* Experience delivering risk assessments and privacy audits in complex environments.
* Proven ability to manage multiple projects independently from initiation to delivery.
* Strong experience in a consultancy or advisory setting.
* Excellent communication and stakeholder engagement skills.

Preferred
* Experience drafting external-facing content such as newsletters or client briefings.
* Knowledge of international privacy frameworks (e.g. US, APAC).
* Basic understanding of cybersecurity principles.

GCS is acting as an Employment Agency in relation to this vacancy.

Read less

GCS is acting as an Employment Agency in relation to this vacancy.

Read less

Position: Cyber Security - Third Party Risk Management Lead
Location: Dublin city centre (Hybrid) one day per week onsite
Sector: Public
Overview:

A leading public sector client is seeking a Cyber Security Third Party Risk Management Lead to join their growing cyber risk team. This is a key role for someone who thrives on building robust frameworks, managing vendor risk, and ensuring third-party relationships meet the highest security and compliance standards.

You'll work cross-functionally with procurement, legal, IT, and business units to assess, monitor, and mitigate third-party risks. If you're passionate about cybersecurity, risk governance, and making a real impact in a critical infrastructure environment-this could be your next move.

What You'll Be Doing:

You will be leading the development and enhancement of the third-party risk management (TPRM) framework.You will be conducting in-depth risk assessments on vendors, including AI, OT, IoT, and ML technologies.You will be designing and implementing a streamlined onboarding process using automation and interactive tools.You will be collaborating with internal teams to tier suppliers based on risk and business impact.You will be performing due diligence reviews, including analysis of SOC2, ISO 27001, NIST, PCI DSS, and other security reports.You will be monitoring and managing vendor risk profiles, remediation plans, and compliance documentation.You will be reviewing technical security architecture and identifying vulnerabilities in collaboration with IT architecture teams.You will be integrating TPRM into procurement and contract processes.You will be analysing daily threat intelligence and vulnerability reports.You will be presenting risk insights and trends to senior leadership.You will be ensuring compliance with GDPR, ISO, NIST, and other relevant standards.

What You'll Bring:

You will have 5+ years in third-party risk, cybersecurity, or IT compliance roles.You will have a degree in Cybersecurity, Risk Management, or a related field.You will have certifications like CISM, CISA, CISSP, or CRISC (preferred).You will have a strong understanding of TPRM frameworks and regulatory standards.You will have excellent communication and stakeholder engagement skills.You will have experience with risk assessment tools and methodologies.You will have the ability to work independently and manage multiple priorities.

Why Join?

This is a fantastic opportunity to shape and lead third-party cyber risk practices in a high-impact, national organisation. You'll be part of a collaborative team that values innovation, security, and resilience. The role offers a competitive salary, hybrid working, and a strong benefits package.

The Next Step for you: Should this position be of interest to you, please forward your CV to Oisín Geoghegan at GCS Recruitment at [email protected] or call on 019014378

GCS is acting as an Employment Agency in relation to this vacancy.

Read less

Software Asset Manager - IBM ILMT

My client has an urgent requirement for a Software Asset Manager with strong licensing and IBM ILMT experience

You will have duties that include ILMT maintenance experience to include extracting and analyzing reports for operational servers and compliance, identifying and removing ceased/AWS servers, and reclassifying misreported instances.

Key skills:

- IBM ILMT experience

- Auditing experience

Please send across an updated CV if this position is of interest.

GCS is acting as an Employment Business in relation to this vacancy.

Read less

Contract Role: Business Continuity & Crisis Management Consultant
Location: Hybrid (London 2 days/week) | Rate: £750/day (Outside IR35) | Duration: 3-6 Months

We are seeking an experienced Business Continuity & Crisis Management Consultant to lead and enhance resilience frameworks for a high-profile organisation.

Key Responsibilities:

Review and improve BCP and crisis response plans

Lead BIAs, risk assessments, and recovery strategies

Deliver crisis simulations and stakeholder workshops

Ensure compliance with ISO 22301 and relevant regulations

Requirements:

Proven experience in business continuity and crisis leadership

Strong stakeholder management and communication skills

Background in financial services or regulated sectors (preferred)

Apply now for an immediate start. Strategic role, flexible working, and a competitive day rate

GCS is acting as an Employment Business in relation to this vacancy.

Read less