Compliance & Risk Services (CRS) Information Security Consultant.

Reference code: CRS_03.2022

About Neurosoft

Neurosoft is a leading ICT Integrator providing innovative solutions and services with the aim of increasing efficiency and security. Operating in Greece, Cyprus and SEE, they are referenced in sectors like financial services, service providers, transportation, utilities, industry, maritime and government. The company has been listed in the Italian Stock Exchange since 2009 while currently employing 200+ highly skilled professionals with depth expertise in their fields.

To help with our rapid growth, we are actively seeking individuals who want to be a part of a dedicated, hardworking team.

Our company seeks to employ an Information Security Consultant to join our Compliance and Risk Services Team – Cyber Security Operations Department.

Neurosoft’s Compliance and Risk Services are designed to assist organizations to improve their security posture and ensure compliance with legal, regulatory and contractual requirements (e.g. GDPR) by establishing an effective security governance system, identifying and successfully managing information security risks based on standard risk assessment methodologies, adopting international security standards (e.g. ISO 27001, etc.) and raising employee’s security awareness.

Position Responsibilities:

Provide services to Clients, either on site or on-demand, project based (e.g. consulting) or as part of a managed service (e.g. CISO as a Service) for:

  • Implementing and operating Cyber Security and Privacy strategies for our clients based on international standards and regulatory frameworks (i.e. Information Security and Privacy Policies, Procedures, Guidelines and Technical Standards)
  • assessing information security risks and compliance gaps and recommending actions to clients (conducting Gap Analysis, IT Risk Assessment, Business Impact Assessment, etc., based on well-known methodologies)
  • coordinating actions on Information security /data breach incidents
  • designing and implementing Clients’ information security awareness program
  • handling security consultation needs on a daily basis for security and privacy related issues
  • developing action plans, schedules and reports related to service delivery
  • ensuring that services are provisioned within the agreed terms and Service Level Agreements
  • conducting information security awareness courses.

Required Skills and Qualifications

  • Bachelor’s Degree in Computer Science or similar
  • Master’s degree or training in the field of Information Security
  • ISO 27001 Lead Auditor/CISSP/CISM/CISA Certification
  • More than 5 years of working experience on:
    • the implementation of Information Security Management Systems using relevant standards, methodologies and best practices
    • conducting IT Risk Assessments and Business Impact Assessments using relevant standards, methodologies and best practices
    • conduction security and compliance audits
    • handling information security incidents
  • Strong understanding of information security frameworks, industry best practices, legal and regulatory frameworks (e.g. ISO 27001, SANS Critical Security Controls, NIST, GDPR, etc.)

 Required Non-Technical Skills

  • Very good written and verbal skills (Greek & English)
  • Strong interpersonal and organizational skills with the ability to prioritize clients’ requirements
  • Excellent consulting skills combined with good communication and presentation skills
  • Work ethically, with integrity, maintain confidentiality of information and use information appropriately
  • Support organizational goals and values

 Preferred Skills and Qualifications

  • ISO 22301 Lead Auditor certification
  • Knowledge of ITIL best practices and/or experience working in a formal change-controlled environment
  • Knowledge or certifications of other ISO standards, such as ISO 9000, 20000
  • Experience in Project management

 We Offer

  • Competitive compensation & benefits package
  • Leading-edge technology
  • Continuous training
  • Stable and enjoyable working environment