Senior GRC Officer Freelance - France

Posted 23 April 2024
Salary Competitive
Job type Contract
Discipline Cyber Security
Contact Name Andrei Lehadus

Job description

Information Security Officer

We are seeking a highly motivated and experienced Information Security Officer to join our team. You will play a critical role in supporting our Information Security Officers (ISOs) in safeguarding our information systems and business continuity.


  • Collaborate with ISOs to manage information security and business continuity across the organization.
  • Develop robust security controls aligned with the agency's information security framework.
  • Conduct thorough risk assessments to identify and mitigate potential threats.
  • Craft and implement Information Security Management System (ISMS) procedures.
  • Design conceptual, logical, and physical security models as required.
  • Draft security policies, standards, procedures, and guidelines adhering to ISO27001.
  • Develop comprehensive security plans and documentation, including risk treatment and security test plans.
  • Create business continuity and disaster recovery plans to ensure operational resilience.
  • Perform security assessments, audits, and ISMS control audits to identify vulnerabilities and ensure compliance.
  • Conduct ISMS gap assessments to identify areas for improvement.
  • Design security controls that align with agency information security policies and standards.
  • Support the formal accreditation process for information systems handling EU sensitive and classified information.


  • Minimum 4 years of relevant education (master's degree or equivalent) after secondary school.
  • Minimum 6 years of IT professional experience, with at least 4 years focused on Information Security Management.

Knowledge, Skills, and Abilities:

  • Proven experience in implementing, managing, and auditing ISO27001.
  • In-depth understanding of relevant information security standards and best practices.
  • Expertise in risk management methodologies.
  • Familiarity with Governance, Risk, and Compliance (GRC) practices and controls.
  • Experience conducting ISO27001 security control audits and assessments.
  • Strong ability to develop security policies, standards, and guidelines aligned with ISO27001 and EU requirements.
  • Excellent analytical and problem-solving skills.
  • Effective communication and collaboration skills.

Preferred Qualifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • ITIL/ITIL V3 certification
  • BSI ISO27001 Lead Auditor Qualification

To apply (EU citizenship is required):

Please submit your resume and cover letter outlining your relevant experience and qualifications.