Security Chapter Lead

Sopra Steria is Europe's leading digital solutions provider, employing over 56,000

employees in 30 countries. We provide tailored, end-to-end corporate technology

and software solutions. We leverage our digital tools and market expertise to help

our clients make bold choices and deliver results. Our commitment to innovation,

collaboration and value in business development is why we're the preferred

technology partner of Europe's most successful companies. The world is how we

shape it, so let's shape it together.

Sopra Steria Luxembourg operates within a consortium and matrix-driven organization, delivering large-scale, mission-critical IT services to institutional and private-sector clients. Security is a strategic pillar of our delivery model.

To strengthen our security governance and operational excellence, we are looking for a Security Chapter Lead – Head of Security Office to provide leadership, structure, and strategic direction across squads and chapters.

Mission

As Security Chapter Lead and Head of Security Office, you will be responsible for defining, implementing, and overseeing the organization's security strategy. You will ensure the confidentiality, integrity, and availability of IT systems, infrastructure, and data, while embedding security-by-design across the full development and operational lifecycle.

You will lead the Security Office, act as a trusted advisor to senior management, and serve as the primary point of contact for security governance within the consortium.

Key Responsibilities

1. Security Strategy & Governance

• Define, maintain, and execute the security strategy and roadmap, aligned with business objectives, regulatory requirements, and industry best practices.

• Lead and organize the Security Office, ensuring efficient delivery and strong process-based collaboration with technical squads and chapters.

• Ensure effective use of project management, ticketing, and planning tools to manage security activities and workloads.

• Establish, maintain, and enforce security policies, standards, and procedures across the organization.

• Provide strategic security guidance and risk-based recommendations to senior leadership.

2. Security Architecture & Engineering

• Define and maintain security architecture principles for systems, applications, and infrastructure.

• Embed security-by-design and security-by-default principles into development and delivery processes.

• Collaborate with architecture and engineering teams to evaluate, select, and implement appropriate security tools and technologies.

• Conduct security architecture reviews, risk assessments, and audits, identifying vulnerabilities and driving remediation actions.

3. Security Awareness & Enablement

• Design and deliver security awareness and training programs for employees, contractors, and stakeholders.

• Promote a strong security culture across squads and chapters.

• Provide guidance on secure coding practices, threat mitigation, and security best practices.

• Measure and continuously improve the effectiveness of awareness and training initiatives.

4. Security Compliance & Assurance

• Work closely with audit, compliance, and legal teams to ensure alignment with contractual, regulatory, and client security requirements.

• Maintain security documentation, evidence, and artifacts to support audits and compliance assessments.

• Ensure ongoing alignment with recognized frameworks and standards.

5. Security Operations & Incident Response

• Oversee security operations, including monitoring, detection, and incident response activities.

• Lead the Security Incident Response Team (SIRT) and coordinate investigations and remediation of security incidents.

• Develop and maintain incident response plans, playbooks, and procedures.

• Organize and lead regular tabletop exercises and simulations to test and improve response readiness.

Education & Certifications

• Bachelor's degree in Information Security, Computer Science, or a related field.

• Relevant certifications such as CISSP, CISM, CISA are a strong asset.

• Experience

• Minimum 5 years of proven experience in information security, covering governance, strategy, operations, and compliance.

• Demonstrated experience leading cross-functional or matrix-based security teams in complex environments.

• Technical & Professional Skills

• Strong knowledge of security frameworks and standards (e.g. NIST CSF, CIS Controls, OWASP Top 10).

• Solid understanding of modern IT architectures, cloud environments, and secure development practices.

• Strong analytical and problem-solving capabilities with a risk-based and strategic mindset.

• Excellent communication and stakeholder management skills, with the ability to influence at all organizational levels.

Languages

• Fluency in English (written and spoken) is mandatory.

• Knowledge of any other European language is considered an advantage.

As a member of one of Europe's largest digital solutions providers, you'll benefit from extensive career development opportunities, both local and international. At the Sopra Steria Academy, you'll be part of a dynamic network of 56,000 professionals at all stages of their careers. With a wide array of offices to explore, you can find your ideal location and take the next step in your career.

We offer a generous employee benefits package that includes:

• Access to our Sopra Steria training and personal development academy
• A company car lease or mobility budget
• A company laptop and mobile phone
• Private health insurance coverage
• Meal vouchers
• Social security and pension plan
• A competitive salary

Sopra Steria is implementing the tools of the future today at the world's largest businesses across industry and financial services. By being bold together, our professionals are changing how business is done.

______

Sopra Steria is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, ancestry, nationality, color, family or medical leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, gender (including pregnancy), sexual orientation or any other characteristic protected by applicable local laws, regulations and ordinances. We foster a work environment that is inclusive and respectful of all differences.