cybersecurity risk analyst

Are you ready to innovate, grow, and collaborate?

Welcome to the heart of the Digital Renaissance.

We are BTO, part of Relatech Group, an Italian tech company founded in 2001, now operating across 14 locations in Italy and abroad. We are the beating heart of an ecosystem that delivers both technological and human value to businesses.

With 800+ professionals and advanced expertise in Cloud , Cybersecurity , AI , AR/VR , IoT , and Blockchain , we build end-to-end solutions that create real-world impact.

At the core of our vision is the individual. We democratize technology to enhance accessibility and build a more inclusive and sustainable future.

What You'll Do

The Cybersecurity Risk Analyst will support our clients in identifying, assessing, and managing cybersecurity risks across complex IT and business environments.

You will work closely with IT, compliance, and governance stakeholders to ensure that risk levels remain acceptable and that mitigation strategies are aligned with the organization's policies and EU standards (NIS2, DORA, ISO 27005, EBA, EIOPA guidelines, etc.).

Perform qualitative and quantitative cybersecurity risk assessments on systems, applications, and processes.

Analyse vulnerabilities and evaluate technical, operational, and organizational controls.

Draft and maintain IT Security Risk Registers and Risk Treatment Plans.

Contribute to Security Plans, Business Impact Analyses, and Continuity Reviews.

Support project teams in defining and validating security requirements early in the lifecycle.

Provide input to governance and compliance reports, including management dashboards and risk KPIs.

Stay up to date with evolving EU cybersecurity frameworks and integrate best practices into risk methodologies.

Technical Skills

Degree in Computer Science, Information Security, Risk Management, or equivalent.

3 + years of experience in cybersecurity risk management or IT security governance.

Solid understanding of ISO 27005, ISO 31000, NIST RMF, or EBIOS RM methods.

Strong analytical and reporting skills; ability to communicate with both technical and non-technical stakeholders.

Experience with tools such as RSA Archer, ServiceNow GRC, or similar is a plus.

Certifications (preferred): CISM, CRISC, CISSP, ISO 27005 RM, Security +.

Fluent in English

Where: Luxembourg, on-site presence required

Soft Skills & Attitude

Analytical thinker able to translate business needs into technical solutions.

Proactive, solution-oriented mindset.

What We Offer

A dynamic, young, and fast-growing environment

Flexible thinking and working approaches

Hands-on experience in a stimulating, project-based context

Opportunities to learn from industry professionals

On-the-job training (and more)

The chance to work on real projects with tangible impact

The chance to work on real projects with tangible impact

Inclusion & Equal Opportunity

We believe in people, diversity, and meritocracy. Our recruitment processes are open to everyone—regardless of gender, ethnicity, orientation, or ability. For us, talent is a matter of energy, not labels.

Discover more about us #BTO

Explore our world at

CYBERSECURITY RISK ANALYST:

What You'll Do

The Cybersecurity Risk Analyst will support our clients in identifying, assessing, and managing cybersecurity risks across complex IT and business environments.

You will work closely with IT, compliance, and governance stakeholders to ensure that risk levels remain acceptable and that mitigation strategies are aligned with the organization's policies and EU standards (NIS2, DORA, ISO 27005, EBA, EIOPA guidelines, etc.).

Perform qualitative and quantitative cybersecurity risk assessments on systems, applications, and processes.

Analyse vulnerabilities and evaluate technical, operational, and organizational controls.

Draft and maintain IT Security Risk Registers and Risk Treatment Plans.

Contribute to Security Plans, Business Impact Analyses, and Continuity Reviews.

Support project teams in defining and validating security requirements early in the lifecycle.

Provide input to governance and compliance reports, including management dashboards and risk KPIs.

Stay up to date with evolving EU cybersecurity frameworks and integrate best practices into risk methodologies.

Technical Skills

Degree in Computer Science, Information Security, Risk Management, or equivalent.

3 + years of experience in cybersecurity risk management or IT security governance.

Solid understanding of ISO 27005, ISO 31000, NIST RMF, or EBIOS RM methods.

Strong analytical and reporting skills; ability to communicate with both technical and non-technical stakeholders.

Experience with tools such as RSA Archer, ServiceNow GRC, or similar is a plus.

Certifications (preferred): CISM, CRISC, CISSP, ISO 27005 RM, Security +.

Fluent in English

Where: Luxembourg, on-site presence required

Soft Skills & Attitude

Analytical thinker able to translate business needs into technical solutions.

Proactive, solution-oriented mindset.

What We Offer

A dynamic, young, and fast-growing environment

Flexible thinking and working approaches

Hands-on experience in a stimulating, project-based context

Opportunities to learn from industry professionals

On-the-job training (and more)

The chance to work on real projects with tangible impact

The chance to work on real projects with tangible impact

Inclusion & Equal Opportunity

We believe in people, diversity, and meritocracy. Our recruitment processes are open to everyone—regardless of gender, ethnicity, orientation, or ability. For us, talent is a matter of energy, not labels.

Discover more about us #BTO

Explore our world