IT Security Operations Section Manager

On behalf of our client, ELPEDISON, we are looking to recruit an IT Security Operations Section Manager.

The company

ELPEDISON, the 1st independent Energy Producer in Greece and one of the biggest, most reliable, and friendly Alternative Electricity and Natural Gas Suppliers, has emerged from the collaboration between two Energy Groups: - Hellenic Petroleum, one of the largest commercial and industrial energy Groups in Greece and South-Eastern Europe, and - Edison, the longest-running energy company in Europe and the largest private energy company in Italy. Thanks to the knowledge and the experience that we have inherited from our parent companies, we aspire to always be a leading company in our sector, playing a significant role in power generation while offering high-quality and innovative energy products and services with stability and consistency.

ELPEDISON, with its two privately-owned power plants in Thisvi (Voiotia )and Thessaloniki, with a total installed capacity of 820 MW, uses natural gas as fuel and ensures a clean and continuous electricity flow, based on a highly environmentally-friendly power generation process.

The position

Ensures the secure operations of Elpedison’s systems and applications through continuous monitoring activities, but also through the performance of specialized exercises to provide management with valuable insights into the current state of “technical security controls”, designed to secure the Information Systems. Oversees and manages the implementation and maintenance of security measures for applications, systems and infrastructure. This includes planning and executing security strategies, monitoring and responding to security incidents, conducting risk assessments, and ensuring compliance with security policies and industry regulations. The ultimate goal of an IT Security Operations Manager is to protect the organization's information and assets from unauthorized access, use, disclosure, disruption, modification or destruction.

Main Duties

• Plans & monitors all the aspects of the Company’s IT infrastructure security architecture. Contributes to the cybersecurity risk management and plans mitigation strategies development, based on company’s risk appetite. Collaborates with other parties (e.g. ISO, DPO) to raise security awareness and to prioritize security coverage -to ensure that strategically important data, such as portfolio information or personal data, receive the highest levels of protection-.
• Analyzes the current information security posture and IT environment, to identify critical deficiencies and recommends remediation activities and solutions for improvement. Implements cyber security services (such as IDS, IPS, WAF, DAM, SIEM, DLP, Next Generation Firewalls), based on risk assessments’ output, to successfully mitigate identified vulnerabilities.
• Responds to security incidents and conducts investigations. Manages and escalates critical information security incidents and plans mitigation activities.
• Implements and supports the information security framework (policies, procedures, standards). Ensures compliance with regulatory requirements, by validating that the operating environment remains protected from internal and external threats, always in alignment with Information Security Officer (ISO).
• Undertakes execution of information security vulnerability assessments and penetration tests, to identify the risk landscape and potential vulnerabilities in information systems and infrastructure.
• Works with & coordinates vendors that provide IT Security-related services to the company.

Requirements

• BSc in Computer Science, Information Technology, System Administration or a closely related field or equivalent experience required
• At least 1 year of working experience as IT Security Operations Manager
• At least 4 years of working experience as IT Security Analyst/Engineer
• Experience with incident response
• Expertise in security technologies (e.g., firewalls, intrusion detection systems, encryption)
• IT infrastructure (servers, switches, storage units) & virtualization (VMWare, Microsoft Azure)
• Backup Software & Disaster Recovery solutions
• Advanced computer skills: Level 5-Proficient Computing, Applications, and Programming
• Excellent command of the English language; both written and oral
• Knowledge of security policies, standards, and regulations (e.g., ISO 27001, PCI DSS)
• Familiarity with security frameworks (e.g., NIST Cybersecurity Framework, SANS)
• Strong leadership and team management abilities
• Excellent communication and interpersonal skills
• Problem-solving and analytical thinking skills
• Continuous learning and staying current with the latest security trends and threats.

Desirable Courses / Certifications

• Microsoft 365 Security Administrator Associate (MS-500)
• Microsoft Azure Security Engineer Associate (AZ-500)
• Microsoft Identity and Access Administrator (SC-300)
• Microsoft Information Protection Administrator (SC-400)
• Microsoft 365 Mobility & Security (MS-101)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• Certified Information Security Manager (CISM)
• Certified in the Governance of Enterprise IT (CGEIT)
• Global Information Assurance Certification (GIAC)

Competencies

• Technical knowledge. Understanding of network security, threat management, and security protocols.
• Leadership skills. Ability to lead a team of security professionals and effectively communicate with all levels of the organization.
  
• Incident response & Communication skills. Understanding of incident response processes and the ability to lead an incident response team. Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders.
  
• Risk management. Knowledge of security risks and the ability to develop and implement strategies to mitigate those risks.
  
• Project management. Ability to manage complex security projects and ensure they are delivered on time and within budget.
• Integrity, conscientiousness, responsibility, self-motivation.
  

Benefits

• Competitive salary
• Performance-based variable pay
• Ticket restaurant card
• Private Health Insurance coverage
• Pension Scheme
• Home electricity discount
• Continuous learning & upskilling opportunities and access to our online training platform