Cybersecurity Compliance Specialist

COSMOTE Global Solutions NV is a leading ICT Systems Integrator and a member of the OTE Group of Companies, specializing in delivering a wide range of ICT solutions and services including cloud computing, data center operations, networking, and cybersecurity.

We are seeking a Cybersecurity Compliance Specialist to join our client's team to ensure our information systems and processes comply with applicable cybersecurity regulations, laws, and standards, safeguarding our organization's IT environment.

Key Responsibilities:

• Definition of compliance requirements for JRC information‑system controls, in close collaboration with the System owners and System managers
• Preparation of templates covering security processes, controls and technical solutions across all JRC digital services
• Assistance with the management of remediation activities, including tracking of non‑conformities, assignment of corrective actions to system owners and verification of their closure within agreed time‑frames
• Development and maintenance of security baselines for the JRC systems and services
• Coordination and review of risk‑assessments, ensuring that identified risks are evaluated against the defined compliance criteria and that mitigation measures are documented
• Reporting of compliance status to the LISO, highlighting gaps and progress on remediation
• Interaction with system owners and IT service providers and other relevant Commission services to ensure consistent interpretation and application of security policies

Requirements:
• Bachelor’s Degree in IT or a related field
• Very good knowledge of ISO 27000 family of standards, the EC Security Policies, the European Commission Risk‑management methodology and related risk‑assessment techniques
• Strong experience in the security domain, including the development and review of security methodologies, Business Impact Assessments, Risk Assessments and Secure System Architecture Design
• Ability to review draft Security Plans and related security‑plan material efficiently and fast
• Ability to give business and technical presentations to system owners, IT service providers
• Ability to apply high quality standards in documentation, template creation, and guidance material for security planning
• Ability to cope with fast changing technologies used in cloud services, AI‑driven applications, and other digital services within the JRC environment
• Very good communication skills with technical and non-technical audiences to facilitate multilingual, multicultural meetings and stakeholder engagement
• Analysis and problem-solving skills
• Capability to write clear and structured technical documents
• Ability to participate in technical meetings and good communication skills
• GICSP certification or equivalent recognized information‑security certifications
• Ability to integrate in an international/multicultural environment, rapid self-starting capability, and experience in working in team.
• Ability to participate in multilingual meetings.
• Ability to work in multi-cultural environment, on multiple large projects;
• Ability to establish trusting relationships with counterparts in partnering organizations;
• Excellent team player
• Ability to understand, speak and write English C1 will be an advantage.
• High degree of discretion and integrity.