Senior Security Compliance Consultant

Devoteam is an AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability.

Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.

With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.

We are looking for an experienced Senior Compliance Consultant specializing in security compliance. This role requires a strong understanding of Luxembourg and EU legal and regulatory landscape, alongside expertise in data protection and information security.

As a Senior Compliance Consultant, you will play a key role in ensuring that our clients adhere to regulatory obligations, reduce compliance risks, and maintain the highest standards of security compliance.

**Key Responsibilities**

**Regulatory Compliance Advisory**
- Provide expert advisory on Luxembourg and EU regulatory requirements, including DORA, NIS2, GDPR, PSD2, and PCI DSS.
- Assist in interpreting, assessing and implementing guidelines set forth by regulatory bodies like the CSSF, CAA.

**Security Compliance Program Development**
- Develop and/or enhance client security compliance programs, ensuring alignment with relevant security compliance requirements such as ISO 27001, NIST, PCI DSS, and other industry standards.
- Conduct assessments and gap analyses, identifying areas of non-compliance, related risks and recommending mitigation measures.
- Design customized compliance policies, procedures, and controls that meet regulatory and security requirements.

**Risk Assessment and Mitigation**
- Conduct security and compliance risk assessments, focusing on identifying and mitigating regulatory and operational risks.
- Provide strategic recommendations to address identified risks and design tailored action plans to enhance security posture and compliance adherence.
- Develop risk management reports for stakeholders, including insights on risk exposure and suggested mitigation strategies.

**Compliance Training and Awareness**
- Deliver compliance training and workshops, on regulatory and related security obligations.
- Develop and provide materials, such as policy guides, compliance toolkits, and security awareness programs.

**Audit Support and Coordination**
- Coordinate and support client security audits, including preparation, response management, and addressing findings.
- Develop audit-readiness plans, to maintain a state of compliance through continuous improvement.
- Prepare compliance reports and findings for management and regulatory authorities as needed.

**Must have**
- Bachelor's or Master's degree in information technology, information security or a related field.
- A minimum of 3 years in a compliance related role, with a strong focus on security compliance.
- Knowledge of security and compliance frameworks, standards, and regulations (e.g., ISO 27001, GDPR, CIS)
- Strong understanding of the Luxembourg local regulatory environment (e.g., CSSF, CAA compliance requirements).
- Proven ability to conduct compliance advisory, audits, risk management, and develop security policies.
- Fluent in French AND English and have excellent communication skills.

**Nice to have**
- Relevant certifications such as CISA, CISM, ISO 27001, or GDPR and DORA Practitioner.
- Knowledge of additional security and compliance frameworks, standards, and regulations (e.g., DORA, NIS2, NIST, PCI DSS).
- Excellent analytical, communication, and consulting skills, including experience working with clients and cross-functional teams.
- **Partner with a multi-awarded, Best Workplace & premium consulting company in Luxembourg.**Devoteam Luxembourg offers a vibrant work culture that promotes innovation, knowledge sharing, and continuous learning. When you join our team, you will enjoy:

- **Continuous Growth.**Surf with the latest trends, top experts, and extensive growth opportunities through mentoring, strong cloud partnerships (Microsoft, ServiceNow,..), local Training Center, certifications programs and our Power Skills Academy;
- **Be part of something bigger**. Work for a company that values social impact, sustainability, and digital inclusion. Our CSR strategy will empower your ideas through the Devoteam Fondation and its volunteering possibilities;
- **Team Diversity.**Join a team of 140 tech-enthusiasts from more than 30 diverse nationalities where togetherness & celebrating successes are paramount.
- Devoteam stands for equal opportunities. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All our positions are open to people with disabilities._