Rebecca W.

• • Liaising with the external Data Protection Officer (DPO), external Information Security Officer, IT Security Officer, the lead of the IT department and the top management, as well as liaison with internal key positions (IT staff, department heads, staff representatives)

• • Leading of a small team

• • Development of an Information Security Management system (ISMS)

• • Observing compliance with legal regulations (NIS2, EU GDPR) and standards (ISO 27001, ISO 27002)

• • Preparing, reviewing and maintaining relevant documents like the Statement of Applicability, policies (e.g. Information Security Policy, Privacy Policy), guidelines and manuals

• • Documentation and analysis of core business processes, creation of a directory of processing processes (VvV)

• • Risk management according to best practices and standards (ISO 31000), analysing threats, vulnerabilities and impact (confidentiality, integrity, availability) for company assets

• • Data protection impact assessment of applications and core processes

• • Management of projects and change processes for the concrete implementation of controls and technical organizational measures

• • Monitoring progress of the ISMS implementation

• • Reporting the status and raising major risks and solutions discussed within the team with top management

• • Moderation of workshops and meetings with department managers and staff

• • Preparing material for and conducting staff awareness raising campaigns

• • Participation in internal audits and external certification audits Tools, standards, methodologies used:

IT applications: M365, MS Teams (and similar videoconferencing and collaboration tools), Adobe Acrobat Pro Methodologies: Project Management, ITIL Service Management, ISO 9001 Quality Assurance, ISO 27001 and 27002 Information Security (and Controls), ISO 31000 Risk Management, Change Management, moderation, leading of a small team

• • Searching business opportunities on the "Tenders Electronic Daily" and other procurement platforms

• • screening and analysis of potential Calls for Tenders in line with the company strategy and feasibility of evaluation criteria

• • follow-up of tender related publications (Corrigenda, Questions and Answers)

• • maintaining the tendering calendar

• • monitoring of bids

• • co-ordination and management of several bids in parallel with bid team members

• • liaising with partners and subcontractors, collaboration on tender documents, and provision of guidance to partners and subcontractors

• • attending to internal bid management and tender group meetings

• • assisting the company in terms of preparing administrative documents and technical and financial bids

• • preparing and writing content for technical offers

• • performing in-depth technical analysis, identifying/understanding technical and non-technical requirements defined in the Tender Specifications

• • preparing technical offers presenting the company´s service delivery methodologies, organisational structures and governance, and quality assurance methodologies

• • drafting and updating of company policies (diversity, environmental protection), documents related to ISO certification (ISO 9001, 27000), registrations (UN Global Compact, UNGM vendor registration), and similar

• • technical writing, copywriting, preparing content for technical offers

• • quality control activities such as proof reading

• • observing of submission dates and timely delivery Quality control activities such as proof reading

• • supervision and training of interns and new employees Tools, standards, methodologies used:

IT applications: M365, MS Teams (and similar videoconferencing and collaboration tools), Adobe Acrobat Pro Methodologies: PRINCE2 Project Management, ITIL Service Management, ISO 9001 Quality Assurance

Client: Publications Office of the European Union (OPOCE) Project: ELI and ELI DL stakeholder information package for Member states

• • Conducting an inventory of Member States information published on the Publications Office website

• • conducting a gap analysis based on the inventory and structuring and harmonizing the available data

• • creating a contact list of Member State representatives responsible for ELI / ELI-DL in their country, updating the list based on survey returns

• • preparing the content for updating the contry websites (register/implementation.html ), harmonizing all country pages based on the new structure and updating country data based on survey returns

• • preparing a report describing the activities, meeting summaries, deliverables including finding

• • preparing the delivery Tools, standards, methodologies used:

IT Applications: MS Office (Word, Excel), MS Visual Studio, HTML