IT Risk, Security & Compliance Expert
We are looking for an IT Risk, Security & Compliance Expert to oversee and manage the respective interrelated IT disciplines in alignment with the organization's and the business owners' appetite.
Main Responsibilities
IT Risk and IT Compliance Management:
Provide guidance to Business Owners in scoping ΙΤ assets at risk based on their inherent risk assessments
Offer support to Business Owners in identifying, assessing, and managing IT risks, considering IT controls, probability and impact
Collaborate with Business Owners in determining appropriate risk responses, leveraging the expertise of technical and architecture teams
Monitor and report on the responses to Information Risks, communicating the status to the head of Technology as well as Security, Corporate Audit and Risk functions
Ensure that IT Risk Management practices adhere to the Organization's framework, industry best practices, and relevant regulations.
Stay current and aligned
Gather information on IT function compliance with internal and external regulations, and provide comprehensive compliance reports
IT Security Operations Management:
Coordinate with CISO to help lead the research, selection and establishment of security infrastructure for on-prem and cloud environments
Review solution architectures and provide recommendations to leadership and development teams
Help identify critical security issues and risks, and take the lead in developing mitigation plans
Oversee the analysis, design, implementation and monitoring of security controls ensuring alignment with organizational security, privacy and compliance policies
Play a key role in investigations of actual or potential information security breaches, overseeing the development of mitigation plans and coordinating incident responses
Supervise the preparation and review of technical and process-related documentation and references
Drive the automation of security and compliance capabilities in support of DevSecOps processes (SDLC)
Regularly conduct and provide comprehensive Security checklists and reports
Lead the efforts to maintain, improve and expand security certifications
Develop and deliver training materials, including general security awareness and specific security technology training, for the team
Candidate Profile
Minimum 6 years of relevant working experience
University degree in Computer Science, Information Technology or related field
Strong IT Risk management skills, ability to identify and assess risks, develop risk management strategies, and implement risk controls
Experience of analyzing system security vulnerabilities including penetration testing and applying remediation techniques
Experience across various security domains such as Identity and Access Management, Privileged Access management, Data Protection, Data Loss Prevention, Cryptography, Infrastructure/Cloud Security, Security operations (SOC, SIEM), Threat & Vulnerability Management, Business Continuity, Disaster Recovery, Secure SDLC
Experience with the some or more security-oriented IT products/services: Checkpoint Firewalls, Imperva Firewalls, Cisco WSA & ESA, Citrix NetScaler Load Balancers, McAfee DLP, Vulnerability Assessment Products (e.g. Nessus, Qualys), Microsoft Defender for Endpoint, Azure Active Directory, EMM, DLP, Encryption, Defender for Endpoint
Strong facilitation and organization skills including the capacity to task, delegate, follow up and report on progress
Results-orientation, to execute and complete deliverables in a fast-paced environment
A real team player, working collaboratively within a cross-functional team
Benefits
The company invests in long-term cooperation and provides a modern and stable work environment. We offer a competitive remuneration package and excellent career prospects, coupled with continuous training and development.
Applications
All applications will be treated with strict confidentiality and successful candidates will be contacted.
At Ethniki Asfalistiki, we believe in creating an inclusive workplace that values diversity and celebrates the unique contributions of each individual.
We are an equal opportunity employer, and we recognize that a diverse workforce is essential for our success. By bringing together people from different backgrounds and experiences, we can promote a more innovative, creative, and productive work environment.
We are committed to fostering a culture of belonging where everyone feels respected, valued, and empowered to contribute their best.