Information Security Management Expert is needed at eu-LISA in Strasbourg, France.

The challenge

• Supports the Agency's Information Security Officers in the management of information security and business continuity across organizational business processes and information systems;
• Develop security controls in the context of the agency's information security framework.

Expected also to perform the following tasks:
• Perform risk assessments;
• Develop Information Security Management System (ISMS) procedures;
• Develop conceptual, logical and physical security models as appropriate;
• Draft security policies, standards, procedures and guidelines in accordance with ISO27001;
• Development of security plans and documentation (e.g. risk treatment plans, security test plans);
• Development of business continuity and disaster recovery plans;
• Perform security assessments and audits;
• Perform ISMS control audits;
• Perform ISMS gap assessments;
• Design security controls in accordance with agency information security policies and standards;
• Provide assistance in formal accreditation process for information systems handling EU sensitive and classified information.

Skills required

Minimum 6 years of general IT professional experience, of which Minimum 3 years of relevant professional experience in Information Security Management.

Good knowledge of/in:
• ISO27001 implementation and management;
• Relevant standards and good practice in information security management;
• Information risk management (in particular E-BIOS);
• Governance, Risk & Compliance (GRC) practices and controls;
• ISO27001 security control audits and assessments;
• Developing security policies, standards and guidelines in accordance with ISO27001 and EU security policies and standards
• Design, implementation and assessments of good practice security control frameworks such as SANS Top 20 Critical Controls, OWASP Application Security Verification Standard,
• Secure development processes (Security and Privacy design) Implementation of EU data protection principles in information system design and processes.
• This profile is expected to possess one or more of the following qualifications:
• Certified Information Systems Security Professional (CISSP);
• Certified Information Security Manager (CISM);
• Certified Information Systems Auditor (CISA);
• ITIL/ITIL V3;
• BSI ISO27001 Lead Auditor Qualification.

Salary and Conditions

Location: Strasbourg, FR

Salary up to: 800€/day

Worksite type: On-site and Remote

Contract type: Freelancer or Employee

Other points of the offer

Currently, due to Covid, all staff is working 100% remote and it will remain like that till the end of the pandemic. After, or even during COVID depending on the requirements of the local team, candidates must be ok to relocate to Strasbourg.
France permanent employment contract is also one option, with salaries around 4000-5000€ net, when meeting all criteria.
Feel free to send us a message to know how much could you get precisely.
You will be hired by an IT consulting company that has a direct contract with the Eu-LISA, you won't have any contract with the Eu-LISA

Related jobs

Senior Frontend Developer

Java Fullstack Developers are needed to join large scale projects at European Institutions

DevSecOps Engineer Onsite

Test

Related categories

European Commission

IT Manager

Business Analyst