
IT Expert (ITE) = IT Security Governance Risk and Compliance EXPERT (Manager) - cLISO

Please Note: The application deadline for this job has now passed.

Package Description

Excellent Salary 

Corporate Benefits Package 

Support provided to EU Nationals requiring relocation – Information available upon request

And the chance to make a positive difference in a company passionate about diversity and inclusion.

Further information available from the Serco Europe Recruitment Team

Job Introduction

Serco is a partner of choice to the European Institutions and other International Organisations. For the past 30 years, we have been providing European and International Organisations a wide range of services including ICT services in support, infrastructure, operations and development as well as managing different contact centres for the key European Institutions, agencies and organisations, in Brussels and across Europe.

What connects the ever-growing Serco workforce is a passion for delivering great service. To keep ahead, we have to evolve continually and enhance the way we deliver our services. Everyone in Serco has a role to play here.

Serco provides the right environment to encourage ideas and a comprehensive Best Practice support network that enables them to put their ideas into action.

We are hiring an IT Expert (ITE) = IT Security Governance Risk and Compliance EXPERT (Manager) - cLISO for our prestigious partner DIGIT TM (DG Informatics) in Brussels. DIGIT-TM is a contract from the European Commission for IT services across Europe.

If you like to work in a multi-cultural and dynamic environment, this opportunity may meet your expectations.

We look forward to meeting you!  Discover the offer below and click on ‘Apply’ if you know that your skillset and talents are a suitable match for this opportunity.

At Serco, we do not only offer a career but also the opportunity to join a community where everyone’s wellbeing matters, by living out the Serco values in all we do!

 

Main Responsibilities

As IT Expert (ITE) = IT Security Governance Risk and Compliance EXPERT (Manager) - cLISO you will be responsible for:

The recruited candidate will work as a member of the centralised c-LISO team and take over the role of LISO for two or more Commission Departments, as part of the multi-annual development plan of the service. The candidate will also focus on supporting and implementing structural improvements regarding the delivery of the c-LISO services by contributing to improvements of the processes, tooling and metrics in order to achieve greater quality, efficiency and service continuity.

The following tasks shall be covered by the service contract:

  • Advise and Support as a subject Matter Expert in the field of IT Security Governance, Risk and Compliance Management.

On top of this task, the candidate will contribute to:

c-LISO services development:

  • Participate in the efforts towards developing and improving the service in its growing scope and coverage among the Commission Departments;
  • Perform analysis, design and implementation of the workflows and organisational processes for the functioning of the c-LISO Team, the service delivery to the client Commission Departments and the interaction with the related services within or outside of DIGIT S;
  • Analyse the requirements resulting from the IT security policy framework in force and from the IT security threat landscape, taking into account the expectations of the business owners;
  • Assessment of the level of the implementation of security processes on the corporate level, contribution to defining associated indicators and dashboards and contribution to reporting;
  • Contribution to the initiatives facilitating the adoption and implementation of the processes and methodologies among the stakeholders (presentations, targeted consultancy sessions, case-specific hands-on assistance sessions);
  • Contribution to the design, implementation and maintenance of a c-LISO knowledge management system (KMS);
  • Contribution to GRACE, a DIGIT S internal initiative for the inter-connection and operability between the current ITSRM and Compliance services;
  • Interfacing with IT security stakeholders, monitoring and advice in the implementation of security processes and measures.

LISO role – Knowledge sharing

  • Maintain knowledge management base related to IT security;
  • Proactive information sharing on IT security policy, standards and guidelines; Dissemination of good IT security practices;
  • Explaining and facilitating the application of the methodologies through structured information dissemination, knowledge sharing and support.

LISO role – Advisory and Support

  • Initiation and follow up of IT security risk assessment and security plans of information systems; Advice regarding IT security related issues, including vulnerability management;
  • Reporting on a regular basis to the Head of the Commission Department regarding IT security, shortfalls identified and ideas for improvement.

LISO role – Training and awareness raising

  • Initiation and promotion of specific IT security related awareness-raising and training programmes; Promote Cyber Aware programme and the related educational material.
  • The role will also entail participating in the development and evolution of the services towards an integrated risk and compliance management process. Additional ICT Security & Risk management services might be created in this context and might require coordination / contribution efforts from the candidate.
  • The candidate will manage structural improvements regarding the delivery of the service portfolio by contributing to the development of the processes, tooling and metrics in order to achieve greater quality, efficiency and service continuity. The candidate will also support the team on contractual aspects (e.g. drafting of requirements, Memoranda of Understanding, etc.) and in the reporting function of our activities (biweekly meeting where projects’ development is discussed horizontally).

In return, we offer a friendly, supportive and professional environment that respects your work/life balance and ultimately contributes to the delivery of public services in Belgium and around the world.

Successful Candidate

LEVEL OF EDUCATION 

  • Master's degree of 5 years

KNOWLEDGE AND SKILLS 

  • IT Security Governance including Security Awareness & Leadership
  • Advising Task Force, Working Groups and stakeholders for Security
  • IT Security Risk Management (preferably, using the ITSRM methodology)
  • IT Security Policies and Compliance
  • IT Security Services operational development and management
  • IT Security Architecture
  • ITIL based catalogues and service delivery either internal (OLAs) or with providers (SLAs)
  • Strong drafting and communication skills in both French and English, both orally and in writing (level 5/5 is required);
  • Self-motivated and autonomous, with ability to manage and follow up on multiple tasks simultaneously;
  • Strong analytical skills, ability to approach problems from multiple angles and find creative solutions;
  • Ability to produce mature executive summaries, presentations and to engage with stakeholders at any level, from operational staff to senior management;
  • Proven capacity to analyse complex information, to consider options in a clear and structured way, to propose and implement recommendations and to make sound decisions;
  • Ability to work effectively both with team members and with customers;
  • Ability to work under pressure and with tight deadlines, to make timely decisions, to reprioritize tasks responding to changes in a rapidly evolving work environment;
  • Ability to develop and set up processes and structures across various fields of activities;
  • Strong ability to learn and apply new/emerging technologies.

Due to the particular nature of a large international organisation such as the European Commission, candidates should also have the following non-technical skills:

  • Capability of integration in an international/multicultural environment, rapid self-starting capability and experience in working in a team.
  • Ability to work in a multi-cultural environment, on multiple large projects.
  • High degree of discretion and integrity is required as the applications managed and maintained in DIGIT.S1 contain personal and confidential data.
  • The candidate must hold a security clearance at EU CONFIDENTIAL level or be in a position to obtain such security clearance.

SPECIFIC EXPERTISE

The following specific expertise is mandatory for the performance of tasks:

  • At least 10 years of specific expertise in IT Project Management
  • At least 10 years of specific experience in IT Service Management
  • At least 5 years of specific experience in IT Security and IT risk management
  • At least 5 years of specific experience within an EU institution
  • At least 5 years of experience in financial & contract management

CERTIFICATIONS & STANDARDS:

The following certification is a must have for the performance of the tasks:

  • Prince 2, ITIL (v3 or v4), ISO 27001 Lead Auditor or Lead Implementer

The following standards and certifications would be advantageous for the performance of tasks:

  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • COBIT
  • ISO27005, eBIOS, Pilar, Grundschutz

------------

Important

Any offer of employment is contingent upon you providing documents to verify your identity and employment eligibility, as required by law.

Applicants are reminded that they will be requested to produce such documentation during the recruitment process.

Please contact a member of the recruitment team if you require further details of acceptable types of documentation required for verification of identity and work authorization. 

Data Protection:

When creating a profile on the Serco Career Centre you agreed to the Data Protection policy, a copy is available upon request.

You may submit a written request revoking your consent to this agreement at any time.

About the Company

Why should you join Serco?

At Serco not only is the nature of the work we do important, everyone has an important role to play.

Meaningful and vital work - You’ll contribute to methodologically intercepting challenges whilst achievements will also be recognised and celebrated.

A world of opportunity - You’ll be wholeheartedly supported with development and career progression

Great people - You’ll become an integral member of a well-defined and supportive team who believe passionately in the value of our work.

What we offer

  • Chance to contribute to innovation in the public services sector
  • A company passionate about diversity and inclusion
  • Permanent employment with comprehensive Serco Benefits package.

About Serco

At Serco, not only is the nature of the work we do important, everyone has an important role to play when managing complex public services.  

We are a team of 60,000 people responsible for delivering essential public services around the world. We are innovators, committed to redesigning and improving public services for the benefit of everyone.

By joining Serco you will have unlimited access to our Global Employee Networks – SercoInspire (Gender), SercoEmbrace (Multicultural), SercoUnlimited (Disability) and In@Serco (LGBT & Networks). Serco Employee Networks are led by colleagues who are passionate about diversity, inclusion and belonging.


Serco is a Disability Confident Employer committed to employing and retaining people with disabilities.  Disabled applicants who meet the minimum criteria for the job will be given the opportunity to demonstrate their abilities at an interview.
