JUST ONE, on behalf of its client, a leading Software, Networking and Information Security company listed on the Stock Exchange since 2009, is looking for a:
Compliance & Risk Services (CRS) Information Security Consultant
The company is a leading software, networking and information security provider in the financial, telecommunication, transportation, gaming and government sectors, providing solutions and services that aim to increase operating efficiency and security. Listed on the Italian Stock Exchange since 2009, it currently employs 200+ highly skilled professionals with in-depth expertise in their field.
To help with their rapid growth, they are actively seeking individuals who want to be a part of a dedicated, hardworking team.
The company’s Compliance and Risk Services are designed to help organizations improve their security posture and ensure compliance with legal, regulatory and contractual requirements (e.g. GDPR) by establishing an effective security governance system, identifying and successfully managing information security risks based on standard risk assessment methodologies, adopting international security standards (e.g. ISO 27001, etc.) and raising employees’ security awareness.
The main responsibility of the role is to provide services to Clients, either on site or on-demand, project based (e.g. consulting) or as part of a managed service (e.g. CISO as a Service) for:
Implementing and operating Cyber Security and Privacy strategies for our clients based on international standards and regulatory frameworks (i.e. Information Security and Privacy Policies, Procedures, Guidelines and Technical Standards)
Assessing information security risks and compliance gaps and recommending actions to clients (conducting Gap Analysis, IT Risk Assessment, Business Impact Assessment, etc., based on well-known methodologies)
Coordinating actions on information security/data breach incidents
Designing and implementing Clients’ information security awareness program
Handling security consultation needs on a daily basis for security and privacy related issues
Developing action plans, schedules and reports related to service delivery
Ensuring that services are provisioned within the agreed terms and Service Level Agreements
Conducting information security awareness courses.
Professional Experience:
More than 5 years of working experience on:
o the implementation of Information Security Management Systems using relevant standards, methodologies and best practices
o conducting IT Risk Assessments and Business Impact Assessments using relevant standards, methodologies and best practices
o conducting security and compliance audits
o handling information security incidents
Strong understanding of information security frameworks, industry best practices, legal and regulatory frameworks (e.g. ISO 27001, SANS Critical Security Controls, NIST, GDPR, etc.)
Academic Background & Knowledge:
Bachelor’s Degree in Computer Science or similar
Master’s degree or training in the field of Information Security
ISO 27001 Lead Auditor/CISSP/CISM/CISA Certification
ISO 22301 Lead Auditor certification
Knowledge of ITIL best practices and/or experience working in a formal change-controlled environment
Knowledge of, or certifications in, other ISO standards, such as ISO 9000, 20000
Experience in project management
The company offers:
Competitive Compensation package
A pleasant HQ workplace (Athens)
Career development and growth opportunities
To apply, please send your CV to email@example.com with the reference "CRS"