Security Expert

Are you a Security Specialist with 10+ years of IT professional experience? Apply now for a long-term contract opportunity in Strasbourg. EU nationality is required due to security clearance.

Requirements:

• Minimum 10 years of IT professional experience, of which at least 5 years must be in Information Security Management (Mandatory)
• Experience with IT systems administration/engineering and security auditing (Mandatory)
• Certified Information Systems Security Professional (CISSP) or equivalent certification (Mandatory)
• Knowledge of ISO27001 implementation, management and audit
• Experience with risk management and Governance, Risk & Compliance (GRC) practices
• Experience developing security policies, standards and guidelines in accordance with ISO27001 and EU security policies
• Experience with security control audits and assessments
• Experience with secure development processes (Security and Privacy design)
• Experience implementing EU data protection principles in information system design
• Knowledge of good practice security control frameworks such as SANS Top 20 Critical Controls and OWASP
• Certifications such as CISM, CISA, ITIL/ITIL V3, or BSI ISO27001 Lead Auditor would be advantageous
• EU nationality (Mandatory)
• Languages: English (fluent)

Job Description:

• Support Information Security Officers in the management of information security and business continuity across organisational business processes and information systems
• Develop security controls in the context of the agency's information security framework
• Perform risk assessments and develop risk treatment plans
• Develop Information Security Management System (ISMS) procedures
• Develop conceptual, logical and physical security models as appropriate
• Draft security policies, standards, procedures and guidelines in accordance with ISO27001
• Develop security plans and documentation (e.g., security test plans)
• Develop business continuity and disaster recovery plans
• Perform security assessments and audits, including ISMS control audits and gap assessments
• Design security controls in accordance with agency information security policies and standards
• Provide assistance in formal accreditation process for information systems handling EU sensitive and classified information
• Perform system administration tasks and implement security policies