Security specialist M/F

Be at the center of a security strategy department within a private Bank We are looking for a Security Specialist for one of our clients based in Luxembourg. Freelance contract or permanent contract via a payrolling company Full-time job Languages: fluent English, B1/B2 German (strong advantage) Main responsabilities: Information Security Support You will contribute directly to the bank's security strategy, collaborating with key stakeholders and gaining strong visibility. You will support data governance topics, expanding your expertise in how critical information is managed and protected. Define and Train : * You will help develop the organisation's security culture by shaping awareness initiatives and training activities. Control and Assess You will monitor security, placing you at the frontline of threat detection and internal risk prevention. You will conduct regular and ad‑hoc risk assessments, strengthening your understanding of regulations and internal controls. You will assess the effectiveness of 1st Line of Defense controls and influence continuous improvement efforts. You will support ICT risk management in projects, allowing you to impact strategic decisions early in the lifecycle. Risk Management You will contribute to identifying and mitigating cyber risks, advising risk owners and sharpening your analytical skills. You will maintain risk registers and take part in shaping the annual security roadmap. You will perform due‑diligence checks on third‑party providers, developing valuable third‑party risk expertise. You will support investigations and incident response, gaining hands‑on experience in forensic and crisis handling. You will collaborate with audit teams and risk champions, building a strong cross‑departmental network. Compliance : * You will prepare executive‑level reports, enhancing your strategic communication visibility. Report and Monitor : * You will help define and track key risk indicators ensuring continuous visibility on the organization's risk posture. Third‑Party Risk Management You will perform due‑diligence checks on third‑party providers to ensure compliance with the bank's information security requirements. You will support periodic reassessments of external partners, validating that they continue to meet the bank's security standards. You will contribute to identifying third‑party‑related risks early and support the definition of appropriate mitigation measures. Response and Mitigate : * You will manage the overall mitigation action to resolve identified gaps with the control framework Your profile You are educated to at least a bachelor's level in information security, computer science, business informatics, or an equivalent field. You are an experienced professional with several years of hands‑on exposure to cybersecurity, ideally in the financial sector. You are familiar with industry frameworks (ISO 27001 / NIST), and you understand relevant regulatory requirements. You are comfortable working autonomously, managing priorities, and driving initiatives in a complex organisation. You are capable of translating technical risks into clear, meaningful messages for both technical and business audiences. You are solution‑driven, rigorous, reliable, and committed to ethical practices. You are able to work under pressure and adapt to changing priorities without compromising quality. You are fluent in English, and any additional language skills (German or French) are a strong advantage. You are proficient with common office tools and have experience using GRC and risk‑management platforms.