Job Description

We are looking for a full time Senior Information Security Consultant based in the Athens-Greece, with a strong technical background and good knowledge of security management and governance principles. You will be involved in various compliance projects and contribute to the planning, design, implementation of Information Security Policies / Procedures, Risk Assessment and IT audit activities as well.

Main Responsibilities:

Perform compliance assessments against ISO 27001, ISO 22301,PCI/DSS, SOC 2 and other security standards or regulatory requirements (e.g. GDPR, NIS 2, DORA)
Conduct Information Security Risk Assessments and propose the adequate countermeasures
Develop Information Security Policies / Procedures based on best practises
Develop and review application architecture and design
Conduct IT and Security audits

Requirements

Master Degree in Computer Science or Information Technology field
Proven Experience in Information Risk Management methodologies and tools (e.g. ISO 27005, NIST 800-30, ITSRM, etc.)
Proven Experience in Information Security Standards (ISO 27001, ISO 27017, ISO 27018, NIST, etc.) and GDPR
At least 4 years of working experience in the Information Security field
Excellent English verbal and written communication skills

Nice to have:

Knowledge of Sector Specific Information Security Requirements (e.g. AICPA, HIPAA, PCI/DSS) will be considered as an advantage
Relevant master degree in Information Security will be considered as a plus
Professional certifications (i.e. CISSP / CISA / CISM / ISO 27001 LA ) are highly valued.
Any knowledge and experience of Application Security Methods / Best Practices will be considered as an advantage
Any knowledge and experience of Penetration Testing methodologies and tools will be considered as an advantage

Benefits

Earn a high salary and bonus
Health insurance plan
Work in a friendly environment, with good team chemistry
Work from home and have flexible hours
Improve your CV by getting security certifications with our support
Apple gear for your home office

About ICT PROTECT

ICT PROTECT is an information security firm, specialising in Security Management and Security Training services. Our expertise lies in ISMS Development, GDPR compliance, Risk Assessment, Business Continuity as well as security studies.

ICT PROTECT team consists of security specialists with high education level (i.e. MSc, PhD) and years of expertise in the information security domain. Specifically, ICT PROTECT experts have been involved in very demanding security commercial projects, as well as EC R&D projects and they have gained the expertise and the know-how in order to address the security needs of different type infrastructures.

Our team members actively participate in international forums, workshops and conferences in order to be continuously informed with the current information security trends.

ICT PROTECT provides professional security services in order to offer the best way to manage your information risks. We offer a variety of compliance and assurance services and our mission is to help you to protect your Data and ICT systems.

Compliance Services: Information Security Management System Implementation - ISO 27001, ISO 22301 Implementation, ISO 20000-1 Implementation, GDPR Compliance, etc.

Security Management Services: Risk Assessment, Data Identification, Data Cartography, Data Classification, IT Audit

Assurance Service: Application Threat Modelling, Web Application Security Assessments, Vulnerability Assessments

Training Services: Information Security Fundamentals, Digital Forensics, Web Application Security, etc.

Industry

IT & Software

Company Size

1-10 employees

Headquarters

Amaroúsion, GR

Year Founded

2012

Website

ictprotect.com

Social Media