Information Security Management Expert

Spektrum has a wide range of exciting opportunities in several global locations.

We are always looking to add great new talent to our team and look forward to hearing from you.

euLISA is the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (euLISA). The agency manages large-scale IT systems to support the implementation of asylum, border management, and migration policies within the European Union (EU). It is also a leader in the digitalization efforts of the EU's Justice and Home Affairs domain, building a new information architecture and contributing to the development of a new security ecosystem. Since its inception in 2012, euLISA has become the digital engine of the Schengen Area. The agency adds value to EU Member States by supporting their efforts towards justice, security, and freedom.

• Supporting the Agency's Information Security Officers in managing information security and business continuity across organizational processes and systems.
• Developing security controls within the agency's information security framework.
• Developing ISMS procedures, security models, policies, standards, and guidelines in accordance with ISO27001.
• Creating security plans, risk treatment plans, and security test plans.
• Developing business continuity and disaster recovery plans.
• Performing security assessments, audits, and gap analyses.
• Designing security controls aligned with agency policies and standards.
• Assisting in the formal accreditation process for information systems handling EU sensitive and classified data.

Education: Minimum 4 years of relevant education (master's degree or equivalent) after secondary school.

Experience: Minimum 6 years of IT professional experience, including at least 3 years in Information Security Management.

• Strong knowledge of ISO27001 implementation and management.
• Familiarity with information security standards and best practices.
• Understanding of Governance, Risk & Compliance (GRC) practices.
• Experience with ISO27001 security audits and assessments.
• Ability to develop security policies and guidelines in line with ISO27001 and EU standards.
• Experience with security control frameworks like SANS Top 20, OWASP, etc.
• Knowledge of secure development processes and EU data protection principles.

• Certifications such as CISSP, CISM, CISA, or ITIL/V3.

If this opportunity isn't for you, please feel free to send us your resume to stay informed about future openings that match your skills and experience.

• Employment Type: Full Time
• Experience: 6+ years
• Vacancy: 1
• Location: Strasbourg, Bas-Rhin, France