IT Risk Manager (GRC & Information Security)

IT Risk Manager (GRC & Information Security) Dublin City Centre (Hybrid – 3 days onsite per week) Overview We are working with an Irish organisation in Dublin is seeking an experienced IT Risk Manager to lead and enhance its IT Risk, Governance, Risk & Compliance (GRC), Information Security and Third-Party Risk Management capabilities. This role will play a critical part in developing and embedding a mature IT risk management framework across a complex, operationally critical environment. The successful candidate will take ownership of IT risk governance, strengthen third-party risk oversight and ensure robust policies, standards, and controls are in place to safeguard systems, data and services. What You’ll Bring Strong understanding of information security principles, governance, and risk management frameworks Experience conducting IT risk assessments, control testing, or cyber governance activities Lead risk identification, assessment, treatment, and monitoring processes Maintain and oversee the IT and Information Security risk registers Provide independent oversight and challenge on IT and cyber risks Deliver clear, concise risk reporting to senior leadership and governance committees Ensure alignment with recognised frameworks (e.g. ISO 27001, NIST, COBIT) Experience & Skills Required 5+ years’ experience in IT Risk, GRC, or Information Security roles Demonstrated experience building or enhancing IT risk frameworks Strong experience in IT Third-Party Risk Management Solid understanding of IT control frameworks and risk methodologies Experience developing policies and governance documentation Strong stakeholder engagement and influencing skills Ability to operate independently within a second-line risk function Relevant certifications desirable (CRISC, CISM, CISSP, ISO 27001 Lead Implementer/Auditor)