8.
Experts to be placed on the list shall be selected on the basis of their professional and technical capacity to perform the tasks described in this call according to the following criteria.
For the profile the following is required:
— the applicant shall be a natural person, not a legal entity,
— bachelor’s degree in information security, computer science, information management systems or 3 years of experience in a similar field,
— at least 5 years of experience working in the field of information security systems in one or more of the following domains:
—— business transformation and change,
—— information security standards,
—— data protection policies,
—— data protection operational procedures,
—— data protection registers of classified data,
—— data policy compliance checks (internal users and third party),
—— risk scenarios for optimizing security controls,
—— security controls verification and validation,
—— risk management frameworks and standards (IS027001, ISO 31000),
—— EU GDPR (General Data Protection Regulations).
— Ability to negotiate with stakeholders at all levels,
— experience in governmental organisations or similar.
Particular qualifications and skills are required for given profile and details can be downloaded from:
http://www.ema.europa.eu/ema/index.jsp?curl=pages/about_us/general/general_content_000259.jsp&mid=WC0b01ac0580029487
EMA reserves the right to request evidence of statements in relation to selection criteria included in the on-line application form.