Cybersecurity Compliance Specialist (GDPR)

Compliance Specialist

12 month engagement

50% onsite in Brussels

• Skills listed (GDPR, EDPR, OWASP etc)...
• 3 years experience with compliance roles
• 3 other years in IT

Compliance & Documentation

• Helps maintain security documentation for audits and compliance.
• Assists in drafting security assessments, architecture security blueprints, and configurations.

Vulnerability Testing & Remediation

• Coordinates vulnerability assessments and penetration testing follow-ups.
• Assists in remediation planning and tracking corrective actions.

Risk Analysis & Security Policy Compliance

• Conducts risk assessments and proposes mitigation actions.
• Supports alignment with risk management methodologies.
• Incident & Threat Categorization
• Supports incident classification and response prioritization.
• Collaborates with IT operations to ensure proper handling of security events

Application Security Design

• Supports the design of secure IT architectures and ensures compliance with security policies and standards.
• Collaborates with IT development, operations, and architecture teams to embed security throughout the application lifecycle.

Security Requirements & Technical Actions

• Assists in defining and implementing security requirements within IT projects.
• Supports security control integration in development and infrastructure.

Application Security Implementation

• Promotes secure development practices and ensures their adoption.
• Works with DevSecOps teams to strengthen security in software development.

Security Training & Awareness

• Delivers training sessions on security best practices.
• Helps create awareness programs for secure development and risk management.

Security Strategy & Implementation

• Assists in defining security plans, access management strategies, and risk mitigation frameworks.
• Supports long-term cybersecurity initiatives within the IT ecosystem.

Information security: in-depth understanding and experience with the General Data Protection Regulation (GDPR) and the proposed ePrivacy Regulation (EDPR), etc.

Security Best practice:

In-depth understanding of OWASP’s top security risks and ability to apply these practices in software development,

Good knowledge of secure coding frameworks and guidelines,

Good knowledge of security practices for cloud environments.

ISO Standards and Risk Management: Comprehensive knowledge of ISO 27001 (Information

Security Management), ISO 27002 (Code of Practice for Information Security Controls), and

ISO 27005 (Information Security Risk Management).