Chief Information Security Officer

Located in the heart of Luxembourg city, the Luxembourg Stock Exchange (LuxSE) is home to over 48,000 international securities and gathers diverse and committed teams covering listing, trading, information services and of course, the Luxembourg Green Exchange (LGX) - the world's leading platform dedicated to sustainable finance.

By joining LuxSE, you will become part of an independent stock exchange that has shaped international capital markets over the past 60 years and pioneered the rise of sustainable finance.

The Luxembourg Stock Exchange is looking for an:

Chief Information Security Officer (CISO)

Permanent contract (F/M)

The Luxembourg Stock Exchange is seeking a skilled and experienced Chief Information Security Officer (CISO) to join our team. The primary objective of the CISO is to develop and foster an information security culture within the company. This includes the implementation and continuous development of a comprehensive cybersecurity strategy, supported by thorough documentation and a robust user awareness program. The CISO will ensure that controls are in place to mitigate cyber risks to an acceptable level in line with management objectives and will provide regular reporting on cyber risks through assessments, key risk indicators, and key performance indicators.

Key Responsibilities:

• Raise user awareness and enhance the cyber-risk culture within the organization.
• Develop and implement a training program for employees on information security.
• Define and enforce information security strategies and policies.
• Maintain an inventory of information security risks in collaboration with business teams and risk management team.
• Assess and mitigate information security risks in projects and change management and with consideration of risk appetite.
• Document and design technical and functional controls to ensure acceptable risk levels.
• Oversee penetration testing activities, including provider selection and follow-up.
• Ensure proper remediation of issues identified in penetration tests in collaboration with IT.
• Monitor and provide awareness on emerging cybersecurity threats and risks.
• Act as the primary contact for regulators and auditors within the area of expertise.
• Develop and execute a control plan based on identified risks.
• Define and document procedures for cyber incident management.
• Manage information security incidents in collaboration with IT.
• Define and manage the strategy and implementation of security monitoring with IT.
• Operate security monitoring activities.
• Ensure compliance with current and future regulations.
• Report on information security to top management, including performance and risk indicators.
• Escalate critical issues to management as necessary.
• Manage the external consultant reinforcing information security team.

Education and Experience:

• University degree in IT, preferably with a specialty in Cybersecurity.
• 5 to 10 years of relevant experience in a similar role.

Technical Competencies:

• Basic understanding of financial markets.
• Knowledge in Risk Management, IT, Cybersecurity, and cloud computing.
• Familiarity with risk measurement systems and concepts.

Soft Skills:

• Initiative and ability to work autonomously.
• Capacity to define long-term objectives and strategies to achieve them.
• Innovative thinking and problem-solving skills.
• Excellent organization and time-management skills.
• Team-oriented mindset.

Language Skills:

• Excellent verbal and written communication skills in English and French. Additional languages are considered an asset.

If you are a proactive and innovative professional with a strong background in cybersecurity and risk management, we invite you to apply for this exciting opportunity at the Luxembourg Stock Exchange.

Application

Luxembourg Stock Exchange is an employer for whom diversity and inclusion are important. We therefore encourage you to apply, regardless of your gender, ethnicity, sexual orientation, age, religion or disability. At a later stage of the recruitment process, we may ask for a recent copy of your criminal record (N°3).

LuxSE does not accept unsolicited resumes, CVs, or profile summaries from agencies. In case of an unsolicited proposal, this shall not be considered as (i) "ownership" of the candidate and/or (ii) introduction of the candidate by such agency unless the agency has received prior authorization from our Legal and/or HR departments.

Languages English French Education Master Experience 5+ years