Information Security Officer

With more than 20 years of proven experience, QUALCO is a leading Fintech solutions provider, offering a wide range of analytics-driven, highly scalable enterprise software solutions in over 35 countries worldwide. Our end-to-end technology solutions cover a wide range of needs for Banking, Financial Services, Utilities, Insurance, Retail organizations, and beyond.

We are looking for passionate Information Security Officer to join our team.

A Day in the Life of an Information Security Officer will include

• Maintain, assess, and continuously improve the Information Security Management System (ISMS) in alignment with ISO 27001, NIS2, and other regulatory/compliance requirements.
• Draft, review, and update security policies, standards, procedures, and guidelines to support governance and operational consistency.
• Oversee and support the implementation of technical security controls, including firewalls, Microsoft 365 security suite (Purview, Priva, Defender), and Azure Security Center.
• Coordinate and conduct information security risk assessments, define mitigation strategies, and monitor the execution of corrective actions across business and technical areas.
• Actively participate in incident response processes, including triage, investigation, remediation coordination, and post-mortem reporting.
• Contribute to the implementation and optimization of security operations including SIEM, identity and access management (IAM), and data loss prevention (DLP) mechanisms.
• Collaborate with IT and business stakeholders to ensure compliance with data protection and privacy regulations, including GDPR.
• Conduct or validate Business Impact Analyses (BIA) to define recovery priorities and dependencies.
• Support third-party risk management processes, including vendor assessments and contractual security reviews.
• Promote a security-by-design approach in projects, applications, and systems development lifecycles.
• Deliver targeted security awareness and training sessions to business and IT users.
• Monitor and report on key security metrics, supporting the continuous improvement of the organization's cyber resilience.
• Keep abreast of emerging threats, vulnerabilities, and evolving regulatory frameworks, recommending appropriate adjustments to policies and controls.
• Ensuring that all activities and duties are carried out in full compliance with regulatory requirements and supporting the continued implementation of the Group Anti-Bribery and Corruption Policy.

• University degree in Information Security, Computer Science, Engineering, or a related field. A Master’s degree in Information Security is highly desirable.
• At least 5 years of experience in information security, including both GRC and technical security control implementation.
• Solid experience in Firewall administration and security hardening.
• Solid experience in Microsoft 365 Security & Compliance Center, including Purview, Priva, and Defender for Endpoint/Identity.
• Solid experience in Azure security technologies, such as Microsoft Defender for Cloud, Azure Sentinel, and role-based access control (RBAC).
• Proven knowledge of ISO/IEC 27001, NIST CSF, and data privacy standards (e.g., GDPR, ISO/IEC 27701).
• Familiarity with SIEM, EDR, DLP, and IAM tools and concepts.
• Strong communication skills, with the ability to translate technical risks into business impact.
• Experience in conducting security awareness campaigns and user training.
• Excellent command of Greek and English, both written and spoken.

Additional Qualification, Knowledge and Skills

Must have at least one of the following certifications:

• ISO 27001 Lead Auditor / Lead Implementer
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• Microsoft Certified: Cybersecurity Architect Expert
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)

Nice to Have:

• Microsoft Certified: Azure Security Engineer Associate
• Microsoft Certified: Information Protection Administrator Associate
• Certified Information Systems Security Professional (CISSP)
• Certified Data Privacy Solutions Engineer (CDPSE)
• CompTIA Security+ or CySA+

Your Life @ Qualco 
This role is a hybrid opportunity in Athens. 

As a #Qmember, you will live out every day in a truly human-centered culture, based on mutual respect, trust, and cooperation. Your performance and commitment to our shared goals will be recognized, and there will be great opportunities to ensure your career growth.  
Find out more about #LifeatQualco 👉🏼 qualco.group/life_at_qualco_group 

Join the #Qteam and enjoy: 

💸 Competitive compensation, ticket restaurant card, and annual bonus programs

💻 Cutting-edge IT equipment, mobile, and data plan

🏢 Modern facilities, free coffee and beverages, and indoor parking

👨‍⚕ Private health insurance, onsite occupational doctor, and workplace counselor

🏝️ Flexible working model

🤸‍♂️ Onsite gym, wellness facilities, and ping pong room

💡 Career and talent development tools

🎓 Mentoring, coaching, personalized annual learning and development plan

🌱 Employee referral bonus, regular wellbeing, ESG, and volunteering activities

Your race, gender identity and expression, age ethnicity or disability make no difference in Qualco. We want to attract, develop, promote, and retain the best people based only on their ability and behavior.

Disclaimer: Qualco collects and processes personal data in accordance with the EU General Data Protection Regulation (GDPR). We are bound to use the information provided within your job application for recruitment purposes only and not to share these with any third parties. For more details on the processing of your personal data during the Recruitment procedure, please be informed in the Recruitment Notice, before the submission of your application.