Cybersecurity Compliance Specialist, Ispra (on-site) – European Commission
Cybersecurity Compliance Specialist needed in Ispra (on-site) for the European Commission’s JRC. Define controls, create baselines, manage risks, and drive remediation to ISO 27000 standards
Profile: Cybersecurity Compliance Specialist.
Studies required: Bachelor’s Degree in IT or a related field.
Language: English (C1) MANDATORY.
Location: Ispra, Italy (on-site).
Duration: 220 days initial contract – (4 years total).
Expected start date: 26/05/2026.
DESCRIPTION:
The Cybersecurity Compliance Specialist will support the European Commission’s Joint Research Centre (JRC) in ensuring that information systems and digital services comply with established security policies and standards. The role focuses on defining and maintaining compliance requirements, developing security baselines and templates, coordinating and reviewing risk assessments, and supporting remediation activities for identified non‑conformities. The specialist will work closely with system owners, system managers, IT service providers, and other Commission services to ensure consistent interpretation and application of security policies. The position also involves reporting compliance status and remediation progress, contributing to high‑quality security documentation, and operating within a multicultural, multilingual, and fast‑evolving technological environment. The role is fully on‑site in Ispra, Italy.
Tasks:
• Definition of compliance requirements for JRC information‑system controls, in close collaboration with the System owners and System managers.
• Preparation of templates covering security processes, controls and technical solutions across all JRC digital services.
• Assistance with the management of remediation activities, including tracking of non‑conformities, assignment of corrective actions to system owners and verification of their closure within agreed time‑frames.
• Development and maintenance of security baselines for the JRC systems and services.
• Coordination and review of risk‑assessments, ensuring that identified risks are evaluated against the defined compliance criteria and that mitigation measures are documented.
• Reporting of compliance status to the LISO, highlighting gaps and progress on remediation.
• Interaction with system owners and IT service providers and other relevant Commission services to ensure consistent interpretation and application of security policies.
Mandatory Requirements:
• Bachelor’s Degree in IT or a related field.
• Very good knowledge of ISO 27000 family of standards, the EC Security Policies, the European Commission Risk‑management methodology and related risk‑assessment techniques.
• Strong experience in the security domain, including the development and review of security methodologies, Business Impact Assessments, Risk Assessments and Secure System Architecture Design.
• Ability to review draft Security Plans and related security‑plan material quickly and efficiently.
• Ability to give business and technical presentations to system owners and IT service providers.
• Ability to apply high quality standards in documentation, template creation, and guidance material for security planning.
• Ability to cope with fast changing technologies used in cloud services, AI‑driven applications, and other digital services within the JRC environment.
• Very good communication skills with technical and non-technical audiences to facilitate multilingual, multicultural meetings and stakeholder engagement.
• Analysis and problem-solving skills.
• Capability to write clear and structured technical documents.
• Ability to participate in technical meetings and good communication skills.
• GICSP certification or equivalent recognized information‑security certifications.
• Ability to integrate into an international/multicultural environment, rapid self-starting capability, and experience working in a team.
• Ability to participate in multilingual meetings.
• Ability to work in a multicultural environment, on multiple large projects.
• Ability to establish trusting relationships with counterparts in partnering organizations.
• Excellent team player.
• Ability to understand, speak and write English C1 will be an advantage.
• High degree of discretion and integrity.
Language:
· English (C1) MANDATORY.
Location:
· Ispra (on-site).
Rate:
· 460-480€/day.
- Department
- IT
- Position
- CONSULTANT
- Locations
- Ispra
What do we offer?
- Schedules
TheWhiteam offers flexible hours. This is because we aim to meet objectives, not to reach a set number of hours.
- Technologies
The most cutting-edge technologies, to stay up to date with current changes.
- Working arrangement
Given the situation, TheWhiteam offers the option of working on-site, remotely, or in a mixed arrangement.
- Locations
TheWhiteam offers the possibility of working in locations all over the world.
Workplace
Being part of THEWHITEAM means collaborating with a company made up of professionals with extensive experience in technology consulting.
We firmly believe that companies and clients mark the path to follow in the sector, but it is people who build it. We consider it vitally important that our organization be founded on our greatest asset and mark of added value, which is our team.
About The White Team
Founded in 2012 by experienced consultants, The Whiteam was created as a quality technology consultancy with a clear mission: to help companies around the world optimize their business profitability through the efficient use of information technology.