Cybersecurity Compliance Specialist at Luxembourg (On site) for the European Commission

Job role: Cybersecurity Compliance Specialist that will be part of a Eurostat team within the European Commission.

Languages: English (C1) MANDATORY, French (B1) or other EU language will be advantage.

Location: Luxembourg (on site)

Rate: 455-480€/day

MANDATORY:

• EU Citizens only.

• Bachelor’s Degree at IT or a related field.

DESCRIPTION

Responsibilities:

• IT Security team is in charge to verify and ensure the coherence of the security plans with the actual Information Systems implementation in the present Commission’s IT security framework following the IT Security Risk Management Methodology. Additionally, adoption of the Commission’s legal basis for data protection might require an alignment of implementations and IT security plans combined with Data Protection Impact Assessment (DPIA). Eurostat is regularly audited on controls based on the ISO 27000 framework (ISO 27002 more specifically) in the context of ESS IT Security Framework.

• Providing assistance conducting security risk assessments according to the IT Security Risk methodology used within the European Commission.

• Interaction with to the different stakeholders during the preparation or update of their Information Systems security plans.

• Providing security reviews and assessments associated with present or future Information System projects, and the integration of different security technologies for compliance purposes in Eurostat IT environment.

• Providing assistance and expertise on cybersecurity for the implementation of the necessary technical measures required to implement effective solutions for mitigating security risks in compliance with the guidelines, standards and regulations. e.g. integration of security related technologies, identity and access management.

• Providing assistance on the training & awareness activities on cybersecurity topics to meet the compliance objectives.

• Supporting cybersecurity compliance assessments on Eurostat Information Systems for compliance reporting in the context of specific audits or EC mandatory IT Security attestation exercises.

• Providing generic support on cybersecurity compliance aspects as required.

Knowledge and Skills:

• Strong experience in cybersecurity compliance.

• Ability to provide feedback on IT Security related topics and draft content and training material efficiently and fast.

• Ability to give business and technical presentations.

• Ability to apply high quality standards.

• Ability to cope with fast-changing technologies used in EC Digital Workplace environment.

• Very good communication skills with technical and non-technical audiences.

• Analysis and problem-solving skills.

• Capability to write clear and structured technical documents.

• Ability to participate in technical meetings and good communication skills.

• Ability to integrate in an international/multicultural environment, rapid self-starting capability and experience in working in team.

• Ability to participate in multilingual meetings.

• Ability to work in multi-cultural environments, on multiple large projects.

• Ability to establish trusting relationships with counterparts in partnering organizations.

• Excellent team player.

Specific Expertise:

- Very good knowledge of the following frameworks:

• European Commission IT Security Policy, Standards, Guidelines and Technical specifications.

• ITSRM Methodology.

• ISO 27000 framework standards and/or equivalent NIST standards.

• Project Management with (Open)PM2, including PM2 Agile.

• ITIL.

• Eurostat IT strategy and other applicable guidelines.

- Mandatory certifications:

• Project Management Professional (PMP) or PRINCE2 Foundation or PMI or PM2 or OpenPM2

• ITIL Specialist – Intermediate or above certification

• ISO27k or equivalent related certification

• IT Risk Management related certification

Optional certifications:

• CISSP: Certified Information Systems Security Professional.

• CISA: Certified Information Systems Auditor.

• CISM: Certified Information Security Manager.

• CPTC Certified Penetration Testing Consultant

• CPTE Certified Penetration Testing Engineer

• CompTIA Security+

• CSTA Certified Security Testing Associate

• GPEN GIAC Certified Penetration Tester

• OSCP Offensive Security Certified Professional

• CEH Certified Ethical Hacker

• ECSA EC-Council Certified Security Analyst

• CEPT Certified Expert Penetration Tester

Language:

• English (C1), French (B1) or knowledge in other EU language.

Rate:

• 455-480€/day

Studies required:

• Bachelor’s degree at IT or a related field