Information Security Management Expert at eu-LISA

Sprint CV

Strasbourg, FR

up to 16k/month

Information Security Management Expert is needed at eu-LISA in Strasbourg, France.

About this IT position

eu-LISA is the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice​, an EU Agency established to provide a long-term solution for the operational management of large-scale IT systems, which are essential instruments in the implementation of the asylum, border management and migration policies of the EU.

The IT challenge

• Supports the Agency's Information Security Officers in the management of information security and business continuity across organizational business processes and information systems;
• Develop security controls in the context of the agency's information security framework.

Expected also to perform the following tasks:
• Perform risk assessments;
• Develop Information Security Management System (ISMS) procedures;
• Develop conceptual, logical and physical security models as appropriate;
• Draft security policies, standards, procedures and guidelines in accordance with ISO27001;
• Development of security plans and documentation (e.g. risk treatment plans, security test plans);
• Development of business continuity and disaster recovery plans;
• Perform security assessments and audits;
• Perform ISMS control audits;
• Perform ISMS gap assessments;
• Design security controls in accordance with agency information security policies and standards;
• Provide assistance in formal accreditation process for information systems handling EU sensitive and classified information.

Skills required

Minimum 6 years of general IT professional experience, of which Minimum 3 years of relevant professional experience in Information Security Management.

Good knowledge of/in:
• ISO27001 implementation and management;
• Relevant standards and good practice in information security management;
• Information risk management (in particular E-BIOS);
• Governance, Risk & Compliance (GRC) practices and controls;
• ISO27001 security control audits and assessments;
• Developing security policies, standards and guidelines in accordance with ISO27001 and EU security policies and standards
• Design, implementation and assessments of good practice security control frameworks such as SANS Top 20 Critical Controls, OWASP Application Security Verification Standard,
• Secure development processes (Security and Privacy design) Implementation of EU data protection principles in information system design and processes.
• This profile is expected to possess one or more of the following qualifications:
• Certified Information Systems Security Professional (CISSP);
• Certified Information Security Manager (CISM);
• Certified Information Systems Auditor (CISA);
• BSI ISO27001 Lead Auditor Qualification.

Salary and Conditions

Location: Strasbourg, FR

Salary up to: 800€/day

Worksite type: On-site and Remote

Contract type: Freelancer or Employee

Contract duration: +12 Months

Requires EU nationality: Yes

Job type: Outsourcing

Other points of the offer

Currently, due to Covid, all staff is working 100% remote and it will remain like that till the end of the pandemic. After, or even during COVID depending on the requirements of the local team, candidates must be ok to relocate to Strasbourg.
France permanent employment contract is also one option, with salaries around 4000-5000€ net, when meeting all criteria.
Feel free to send us a message to know how much could you get precisely.
You will be hired by an IT consulting company that has a direct contract with the Eu-LISA, you won't have any contract with the Eu-LISA



6 years of experience

Bachelor degree

EU Nationality

English (Full professional)



Security (>= 3 years)

Information Technology (>= 6 years)

Have any question?

Reach out the job poster

By continuing to browse the site, you expressly agree that cookies will be stored on your computer to help measure statistics of visits. Learn more | I agree