By continuing to browse this site, you agree to our use of cookies. Read our privacy policy

IT Security Auditor and Data Breach Handler


  • Organization: EDPS - European Data Protection Supervisor
  • Location: Brussels
  • Grade: Consultancy - FG IV, Function Group 4, Contract Agent
  • Occupational Groups:
    • Statistics
    • Accounting (Audit, Controlling)
    • Information Technology and Computer Science
    • Security and Safety
  • Closing Date: 2023-02-09
Our job vacancy is in the Technology and Privacy Unit. The unit provides expertise at the intersection of policy and information technology by generating in-depth knowledge about the impact of technology on privacy and data protection, including the forecast of future trends. The Technology and Privacy Unit of the EDPS is in charge to monitor relevant developments, insofar as they have an impact on the protection of personal data, in particular the development of information and communication technologies. The unit also serves as technological advisor and contributor for other units and sectors in the EDPS. In addition, the unit is leading the technical audits of IT systems carrying out data processing operations and in particular the Large Scale IT systems of EU Institutions (EUIs), such as SIS II, Eurodac, VIS, etc. These audits follow the requirements of specific legal instruments and international standards and controls. The unit handles the notification of personal data breaches from the other Union institutions, bodies, offices and agencies (EUIs). As IT Security Auditor and Data Breach Handler, your main responsibilities will include: • Prepare/participate in audits of the most relevant (from data protection point of view) IT systems managed by EUIs; • Document, evaluate and test IT systems and controls to determine their adequacy and effectiveness to ensure compliance with data protection, security legislation and international standards. This will include hands-on verification of the security measures implemented among others at network level, database level, application level, including detection of potential vulnerabilities using specific tools; • Design and maintain audit processes and procedures; • Draft technical reports that analyse/interpret audit results and stakeholder reports that use accessible language to explain the process and recommendations; • Organise and execute ad-hoc technical investigations particularly related to IT systems in the Area of Security, Freedom and Justice (AFSJ); • Use and development of the IT Lab of the Unit with selection and acquisition of tools that will support the auditing and other security activities of the EDPS such as investigation activities; • Contribute to drafting guidelines related to personal data breaches; • Intervene and when appropriate lead investigations or/and audits following one or multiple data breach notifications of the EUIs in order to assess if there is a structural problem of security and provide the necessary recommendations to them; • Manage the full cycle of data breach notification to verify the compliance of the Controller’s actions with the requirements of the Regulation; • Deliver training sessions on personal data breach management; • Prepare reports including statistics on personal data breaches; • Act when required as business analyst and project manager for the data breach notification system and process inside the EDPS. These tasks may require occasional (3-4 times a year) missions out of Brussels. You may also be required to carry out additional tasks when necessary and in the interest of the service.
We do our best to provide you the most accurate info, but closing dates may be wrong on our site. Please check on the recruiting organization's page for the exact info. Candidates are responsible for complying with deadlines and are encouraged to submit applications well ahead.
Before applying, please make sure that you have read the requirements for the position and that you qualify.
Applications from non-qualifying applicants will most likely be discarded by the recruiting manager.

You need an Impactpool account to apply for this job

It's free and takes only a moment to sign up

Sign up and apply

Already a member of Impactpool?

Sign in to your account