Information Security Officer

**About the Department of Medical Informatics (DMI)**:
Across the last decades, data has become a cornerstone for multidisciplinary research, digital and precision health. At the LIH, the DMI is in charge of promoting and ensuring that researchers and clinicians can fully leverage patient information. With its expertise in Information Technologies (IT) and data science, the DMI assists and supports medical research at LIH and the national level. The primary mission of the DMI is to provide and maintain a safe and secure IT ecosystem for researchers and clinicians, where they can collect, store, analyze and share data from different sources, ranging from studies, registries, laboratories, health systems and public datasets. This includes establishing and maintaining a national data integration centre, in close collaboration with national partners, to enable the gathering, management and dissemination of interoperable health data in a quality-managed environment.

We are seeking an experienced and motivated Information Security Officer to join our dynamic Strategy & Management (S&M) Unit under the DMI. This role involves collaborating with cross-functional teams, planning, organization, implementation, and continuous improvement of the processes within LIH. In close collaboration with LIH’s quality management team, an Information Security Management System (ISMS) in line with ISO 27000 standards and in compliance with other standards (e.g. ISO 9001, ISO 17025, GCP ) shall be set-up. This includes developing, implementing, and monitoring information security program to ensure adherence to best practices, normative and regulatory requirements (e.g. GDPR, NIS, and EHDS).

**Key Accountabilities**:

- Develop, implement, and maintain information security policies, procedures, and documentation for LIH processes in close collaboration with DMI units and LIH’s quality management team to ensure compliance with normative and regulatory requirements (ISO 9001, ISO 17025, GCP ).
- Develop and oversee the implementation of an ISMS in accordance with ISO 27000 standards, integrated into the existing institutional quality management system.
- Coordinate with different department heads and staff to ensure the effective implementation of the ISMS within operational and research processes
- Perform routine reviews and assessments to ensure compliance with policies and standards, and identify areas for improvement.
- Conduct training and on-boarding sessions on information security and IT processes to raise awareness, enhance staff understanding, compliance and engagement in information security changes.
- Stay abreast of the latest developments, advancements, and trends in the field of information security.

**Key skills, Experience and qualifications**:

- Proven experience in information security management, preferably within the healthcare or medical research sector.
- Strong change management and coaching skills to drive information security awareness and adoption.
- Excellent communication skills and the ability to effectively articulate complex information to both technical and non-technical audiences.
- Good writing and presentation skills in English.
- Language skills : French and/or German is an asset.
- Demonstrated ability to organize and prioritize work.
- Strong strategic thinking, problem-solving, and evidence
- and risk-based decision-making skills.
- Bachelor's or Master's degree in IT Security, or a related field. Certifications like CISSP, CISA, CISM, CRISC or ISO 27001 Lead Auditor/Implementer will be an added advantage.
- Experience in a research environment, collaborating with healthcare professionals, C-level executives, and principal investigators (PIs) is a plus.

**Benefits**:

- Cutting-Edge Work Environment: You will be part of a team at the forefront of medical research and data integration.
- High-Impact Work: Your work will contribute to the advancement of medical research and technology, potentially transforming the lives of countless individuals. Professional Growth: This role offers excellent opportunities for career development and growth.

**In Short...**:

- Contract type : Permanent contract (CDI)
- Location : rue Thomas Edison 1 A-B - 1445 LUXEMBOURG
- Start date : 01/04/2025
- Ref : JA/ISO0225/LT/DMI

**How to apply**:
Applications including a letter detailing your motivation and a curriculum vitae should be sent through our website.