Principal Analyst, Cyber & Information Security - Third Party Risk & GRC

Manager, Cyber & Information Security - Hybrid - Dublin, Ireland ICON plc is a world-leading healthcare intelligence and clinical research organization. We're proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development. About the role : Office Hybrid - 60% office-based in Leopardstown, Dublin 18; 40% remote. We are currently recruiting an experienced and driven Information Security Manager to work across key functions within our Information Security program, with a focus on Third Party Risk Management (TPRM) and Governance, Risk & Compliance (GRC). Reporting to the Senior Director of Information Security, this role will be instrumental in assessing and managing supplier risk, responding to third-party incidents, and driving strategic enhancements to our TPRM framework. In addition, the role will support internal and external audit activities, client security assessments, and ensure ongoing compliance with our information security certifications. Key responsibilities will include : Third Party Risk Management (TPRM) Lead and execute supplier risk assessments, including initial due diligence and ongoing monitoring. Maintain and enhance operational processes related to supplier management and periodic reviews. Collaborate with Procurement, Legal, Data Privacy and Business stakeholders to ensure alignment on third-party risk requirements and assessment outcomes. Manage third-party security incidents, coordinating response efforts and remediation activities. Maintain the third-party corrective actions register, treatment plans and ensure timely updates and closure. Management of third-party continuous security monitoring and ratings platforms. Drive strategic initiatives to mature the TPRM program, including continuous monitoring, automation, metrics, and reporting. Perform TPRM activities in accordance with company policies and industry standard frameworks (e.g., ISO 27001, NIST CSF, CIS, Cloud Security Alliance). Stay current on emerging information security threats, incidents, and trends, and assess their potential impact on the organisation and our suppliers. Governance, Risk & Compliance (GRC) Support internal and external information security audits, including evidence collection, coordination with control owners, and remediation tracking. Respond to client security questionnaires and due diligence requests in collaboration with Sales and Business stakeholders. Assist in maintaining compliance with information security certifications. Contribute to the development and maintenance of security policies, standards, and procedures. Perform GRC activities in accordance with company policies and industry standard frameworks (e.g., ISO 27001, NIST CSF). Stay current on new or emerging information security standards and regulatory requirements. Desired Qualifications and Experience 8+ years of experience in Information Security, with a focus on TPRM and / or GRC. Relevant certifications (e.g., CISM, CRISC, CISSP, ISO Lead Auditor / Implementer, SANS GCLD, SANS GSLC) are a plus. Strong understanding of risk management frameworks and information security standards (e.g., ISO 27001, NIST, SOC 2, Cloud Security). Experience managing supplier incidents, defining treatments plans and managing to closure. Familiarity with audit processes and compliance reporting. Demonstrate a strong awareness of the current threat landscape. Ability to work independently and drive initiatives in a fast-paced environment. #LI-Hybrid #LI-MK2 What ICON can offer you : Our success depends on the quality of our people. That's why we've made it a priority to build a diverse culture that rewards high performance and nurtures talent. In addition to your competitive salary, ICON offers a range of additional benefits. Our benefits are designed to be competitive within each country and are focused on well-being and work life balance opportunities for you and your family. Our benefits examples include : Various annual leave entitlements A range of health insurance offerings to suit you and your family's needs. Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead. Global Employee Assistance Programme, LifeWorks, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your family's well-being. Life assurance Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others. Visit our careers site to read more about the benefits ICON offers. At ICON, inclusion & belonging are fundamental to our culture and values. We're dedicated to providing an inclusive and accessible environment for all candidates. ICON is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here Interested in the role, but unsure if you meet all of the requirements? We would encourage you to apply regardless - there's every chance you're exactly what we're looking for here at ICON whether it is for this or other roles. Are you a current ICON Employee? Please click here to apply To be considered for this role you will be redirected to our careers page & prompted to create a jobseeker account here. To start the process, click the Continue to Application or Login / Register button below.