Cybersecurity Compliance Specialist

**COSMOTE Global Solutions**, as a member of **OTE Group of Companies**, is an ICT Systems Integrator delivering a broad range of ICT Solutions and Services.

**CGS** provides a broad range of ICT Services focusing on: Cloud, Data Centre operations, Networking, Cybersecurity, BI and Data Warehouse, Big Data, Service Desk, Proactive Monitoring, Operations and Support, Service Management, Project and Programme Management, and Professional Services.

**Responsibilities**:

- Providing assistance conducting security risk assessments according to the IT Security Risk methodology used within the European Commission,
- Interaction with to the different stakeholders during the preparation or update of their Information Systems security plans,
- Providing security reviews and assessments associated with present or future Information System projects, and the integration of different security technologies for compliance purposes in Eurostat IT environment
- Providing assistance and expertise on cybersecurity for the implementation of the necessary technical measures required to implement effective solutions for mitigating security risks in compliance with the guidelines, standards and regulations. e.g. integration of security related technologies, identity and access management.
- Providing assistance on the training & awareness activities on the cybersecurity topics to meet the compliance objectives.
- Supporting cybersecurity compliance assessments on Eurostat Information Systems for compliance reporting in the context of specific audits or EC mandatory IT Security attestation exercises.
- Providing generic support on cybersecurity compliance aspects as required

**Requirements**:

- Bachelor's degree in Information Technology, Cybersecurity, or a related field.
- 5+ years of experience in cybersecurity compliance or risk management.
- Very good knowledge of the following frameworks:

- European Commission IT Security Policy, Standards, Guidelines and Technical specifications.
- ITSRM Methodology.
- ISO 27000 framework standards and/or equivalent NIST standards.
- Project Management with (Open)PM2, including PM2 Agile.
- ITIL.
- Eurostat IT strategy and other applicable guidelines.
- Strong experience in cybersecurity compliance
- Ability to provide feedback on IT Security related topics and draft content and training material efficiently and fast.
- Ability to give business and technical presentations
- Ability to cope with fast changing technologies used in in EC Digital Workplace environment.
- Very good communication skills with technical and non-technical audiences
- Analysis and problem solving skills
- Capability to write clear and structured technical documents
- Ability to participate in technical meetings and good communication skills
- Ability to integrate in an international/multicultural environment, rapid self-starting capability and experience in working in team;
- Ability to participate in multilingual meetings;
- Ability to work in multi-cultural environment, on multiple large projects;
- Ability to establish trusting relationships with counterparts in partnering organisations;
- Excellent team player Ability to understand, speak and write English C2, French B1 knowledge of other EU languages will be an advantage;
- **Mandatory Certifications**:
Certification in one or more of the following general IT- Project Management Professional (PMP) or PRINCE2 Foundation or PMI or PM2 or OpenPM2
- ITIL Specialist - Intermediate or above certification
- ISO27k or equivalent related certification IT Risk Management related certification
Certification in one or more of the following Cybersecurity related certifications- CISSP: Certified Information Systems Security Professional.
- CISA: Certified Information Systems Auditor.
- CISM: Certified Information Security Manager.
- CPTC Certified Penetration Testing Consultant
- CPTE Certified Penetration Testing Engineer
- CompTIA Security+
- CSTA Certified Security Testing Associate
- GPEN GIAC Certified Penetration Tester
- OSCP Offensive Security Certified Professional
- CEH Certified Ethical Hacker
- ECSA EC-Council Certified Security Analyst
- CEPT Certified Expert Penetration Tester