At a Glance
- Tasks: Lead governance, risk, and compliance activities in information security.
- Company: Join a global company focused on security and compliance excellence.
- Benefits: Enjoy hybrid work flexibility, a great culture, and attractive pension schemes.
- Why this job: Make an impact by improving security practices and collaborating with diverse teams.
- Qualifications: Expertise in management, knowledge of GRC platforms, and familiarity with regulatory schemes required.
- Other info: Opportunity to work on exciting projects and represent the security program in client audits.
The predicted salary is between 54000 - 84000 £ per year.
An exciting opportunity to join this global company as an Associate Director, Information Security GRC. The Associate Director, Information Security GRC will lead the governance, risk, and compliance (GRC) activities related to security, ensuring alignment with business objectives, regulatory requirements, and security frameworks. This role involves overseeing internal IT audits, RFP responses, client audit support, and contract review. The position is responsible for managing all GRC-related projects, processes, and technologies, and ensuring that security practices meet contractual, regulatory, and professional standards.
Responsibilities:
- Oversee all aspects of IS GRC, ensuring continual program improvement.
- Provide security services that meet professional, contractual, regulatory, and certification requirements.
- Manage the IS GRC people, processes, and technology infrastructure, including creating and reviewing standards, guidelines, and procedures.
- Represent the security program in client audits, RFPs, and contract reviews.
- Guide Legal on acceptable contract terms and conditions.
- Serve on the Computer Security Incident Response Team (CSIRT).
- Lead the System Governance Virtual Team to improve ISMS across the organization, including risk assessment, control design, metrics, and documentation.
- Translate executive priorities into operational initiatives.
- Collaborate with Security Operations and Engineering teams to ensure efficient service delivery.
Skills and Experience:
- Expertise in management practices, including leadership and supervision.
- Knowledge of major EGRC/ITGRC platforms and security frameworks (NIST, CIS, ISO, COBIT).
- Familiarity with regulatory schemes such as GDPR, PCI-DSS, HIPAA, and FISMA.
- Advanced understanding of technical controls and how they address risk.
- Broad understanding of networking, server, and security monitoring technologies.
What you will get:
- Hybrid working
- Flexibility
- Excellent culture
- Attractive pension scheme
- Company benefits
For further information on this vacancy, or any other IT roles in Belfast or wider Northern Ireland, please apply via the link below or contact Jarlath O’Rourke on in the strictest confidence.
Skills: Governance, Risk, Compliance
Associate Director - GRC Information Technology employer: VanRath
Contact Detail:
VanRath Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Associate Director - GRC Information Technology
✨Tip Number 1
Familiarize yourself with the major EGRC/ITGRC platforms and security frameworks mentioned in the job description, such as NIST, CIS, ISO, and COBIT. This knowledge will not only help you understand the role better but also demonstrate your expertise during interviews.
✨Tip Number 2
Stay updated on the latest regulatory schemes like GDPR, PCI-DSS, HIPAA, and FISMA. Being well-versed in these regulations will show that you are proactive and ready to tackle compliance challenges head-on.
✨Tip Number 3
Network with professionals in the GRC field through LinkedIn or industry events. Building connections can provide valuable insights into the role and may even lead to referrals within our company.
✨Tip Number 4
Prepare to discuss your experience with managing GRC-related projects and processes. Be ready to share specific examples of how you've improved governance, risk management, or compliance in previous roles, as this will be crucial for demonstrating your fit for the position.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in governance, risk, and compliance (GRC) activities. Emphasize your expertise with security frameworks like NIST, CIS, ISO, and your familiarity with regulatory schemes such as GDPR and PCI-DSS.
Craft a Strong Cover Letter: In your cover letter, express your passion for information security and how your leadership skills align with the responsibilities of the Associate Director role. Mention specific projects or achievements that demonstrate your ability to manage GRC-related initiatives.
Showcase Technical Knowledge: Highlight your understanding of technical controls and their role in addressing risk. Discuss your experience with major EGRC/ITGRC platforms and any relevant certifications that support your qualifications for the position.
Prepare for Interviews: If selected for an interview, be ready to discuss your approach to overseeing IS GRC activities and how you would translate executive priorities into operational initiatives. Prepare examples of how you've collaborated with cross-functional teams to enhance security practices.
How to prepare for a job interview at VanRath
✨Showcase Your GRC Expertise
Be prepared to discuss your experience with governance, risk, and compliance frameworks. Highlight specific projects where you've successfully implemented GRC practices and how they aligned with business objectives.
✨Understand Regulatory Requirements
Familiarize yourself with key regulatory schemes such as GDPR, PCI-DSS, and HIPAA. Be ready to explain how you have navigated these regulations in past roles and how you would ensure compliance in this position.
✨Demonstrate Leadership Skills
As an Associate Director, you'll need strong leadership abilities. Prepare examples of how you've led teams or projects, particularly in the context of information security and GRC initiatives.
✨Prepare for Technical Discussions
Brush up on your knowledge of technical controls and security monitoring technologies. Be ready to discuss how these elements play a role in managing risk and ensuring compliance within an organization.