
Quality and Risk Manager

Reporting directly to the CEO, the Quality and Risk department Manager is responsible for the implementation, review and continual improvement of the company's management systems and standards. These include quality assurance, enterprise risk, business continuity planning and information security.

In this role, with your team of 2 specialists, you are responsible for working cross-functionally with all departments to ensure that all company operational activities are continually assessed and challenged. Your aim is to achieve maximum security and efficiency throughout the business and to ensure all activities remain compliant with company policy and all relevant legislation. The role is a strongly operationally oriented position.

The Quality and Risk Manager is also responsible for regular reporting and meeting with senior stakeholders on all activities under its remit.

Daily Roles and Responsibilities:

Quality Assurance (QA) Management Systems

  • To maintain certification to the ISO9001 and ISO14001 international quality standards
  • To promote a quality assurance and continual improvement culture in all areas of the business
  • To review process documentation to ensure adequacy and consistency is maintained
  • To report to senior management and client on the performance of the quality management system.

Perform internal and third-party audits, and audits upon Client request.

  • To represent the Company during external compliance audits.
  • To oversee internal quality audits on all key processes within the business
  • Perform risk assessments of business unit practices against selected Information Security control standards and previous audit results to identify gaps
  • Ensure action plans are established to address Risks identified and follow-up as necessary to ensure appropriate mitigation has been put in place.

Enterprise Risk (ERM) Management

  • Provide formal updates regarding risk through an annual risk review and through monthly Governance, Risk and Compliance (GRC) meetings
  • To ensure an effective Risk Register is in place, proactively covering all key areas of the business, with action planning for risk mitigation and closing off of risks.
  • To promote an enterprise risk culture across all areas of the business
  • Responsible for risk management and sign-off on all changes to core services and for all phases of new project implementation.

Information Security (IS) Management Systems

  • Strategic planning, identification and implementation of initiatives related to Information Security across all areas of the business
  • To maintain certification and continual improvement across the business to ISO27001 Information Security Management System, ISO9001, ISO14001
  • To maintain compliance to Payment Card Industry Data Security Standard (PCI-DSS) throughout the business.
  • Manage external vendors in their performance of controlled vulnerability scanning and penetration testing on applications, network protocols, and databases
  • To implement, document and ensure adherence to company Information Security policies, and to promote application of best practice throughout the business.
  • Coordinate and perform technical security audits on the Company IT infrastructure to ensure sensitive data is stored and processed securely (e.g. firewall review, server hardening, access control, anti-virus, patch management, vulnerability assessments, incident response etc.)
  • Provide information security advice to the decision-making process for all major IT infrastructure and operational changes within the business
  • Provide input on information security policies, standards, baselines, and other related documents, as requested.

Data Protection (DP) Compliance

  • To ensure all operational processes remain compliant with the General Data Protection Regulation (GDPR)
  • To provide guidance and expertise to all levels of the business on DP issues
  • To promote a culture of customer data security awareness throughout the business
  • Perform data protection audits on the Company’s key service providers (data processors) to ensure all service providers are complying with the GDPR

Business Continuity Plan (BCP) Management

  • Responsible for documenting and the continual maintenance of the Business Continuity Plan (BCP) which covers all key activities of the business
  • Responsible for the regular testing of the BCP in line with the Disaster Recovery (DR) Plan
  • Continual improvement and annual review of the BCP and DR plans.


  • 5 plus years’ working experience in quality and risk management for an Operation
  • Senior stakeholder management and communication experience
  • Bachelor’s or master’s degree
  • Knowledge of Information Security Management systems and Payment Card Industry standards and Data Protection regulations is essential
  • Knowledge of ISO9001 Quality Assurance Standard and ISO14001 is desirable
  • Certification to one or more of the following: CISA, CISSP, CISM and ISO27001 Auditor would be advantageous
  • Strong experience in project management with a track record of success
  • Excellent presentation and communication skills are essential
  • Results orientated, proactive and reactive
  • Experience of working within a changing and high-performance environment
  • Ability to manage a team effectively and maintain an efficient client relationship
  • You are a motivated talented individual with a strong willingness to think outside of the box.
  • You can expect plenty of autonomy in this role, therefore you will need the motivation to take initiative with your team to improve our current performance

Our Reference MI102

Partnering with PRC, we will provide you with unrivalled support to help you make the right decision in making your next career move. As standard, we review your CV and offer you advice on how to make yourself attractive to employers. We will provide you with the necessary interview preparation, giving you a unique insight into how to prepare for your interview. Our consultants will guide you and manage the recruitment process, allowing you to focus on securing the position. We do not want to waste your time, so our honest and frank approach has gained us the reputation of being a reliable and trustworthy recruitment company. Candidates with the required skills and necessary experience for this job vacancy will be contacted. If you are job seeking and you want us to register your CV, please send your CV to jobs@prcrecruitment.ie

Important Notice – By applying for this position with PRC Recruitment (PRC Confidential Ltd.), the company may store your details on our company database. We will only use your information for job seeking services and will never share it with a third party. Please see our privacy policy, which explains this in more detail and also sets out your rights.