Senior Information Security

il y a 4 jours

Luxembourg Luxfactory Temps plein

We are currently looking for a highly experienced **Information Security & Risk Management Consultant** for a strategic assignment.

**Location**: Luxembourg (on-site at client premises, with possible remote flexibility)

The consultant will take the lead in designing, developing, and implementing a **comprehensive IT Risk 3D Matrix** tailored to the client’s operational context. This will include:

- Building a matrix covering threats, vulnerabilities, and assets (up to 300 risks).
- Ensuring alignment with frameworks**:ISO/IEC 27001-27005, NIST RMF/CSF, COBIT, FAIR, COSO, ITIL**.
- Defining **risk taxonomy, impact/likelihood scales, and risk appetite/tolerance thresholds**.
- Facilitating **risk identification and assessment workshops** with both technical and non-technical stakeholders.
- Providing expert recommendations on **control effectiveness, mitigation strategies, and treatment plans**.
- Delivering governance models, policies, procedures, guidelines, and training documentation.
- Transferring knowledge to the internal IT controller for sustainability.

**Expected Deliverables**
- Fully functional and documented **IT Risk 3D Matrix**.
- Finalized **risk management governance, policies, and procedures**.
- Knowledge transfer plan to the internal IT controller.
- Framework for **likelihood/impact follow-up management**.
- Strategic recommendations for ongoing IT risk management.
- Long-term governance model aligned with best practices.

**Requirements**:

- **10+ years of experience** in Information Security, Risk Management, or IT Governance.
- Proven track record in **implementing or maturing risk assessment frameworks** in medium-to-large organizations.
- Strong expertise with standards/frameworks**:ISO/IEC 27005, NIST RMF/CSF, COBIT, FAIR, COSO, ITIL**.
- Excellent analytical, facilitation, and communication skills - ability to translate **technical risks into business language**.
- Professional certifications such as **CRISC, CISM, CISSP, CGEIT, ISO 27001 Lead Implementer** (or equivalent) are a strong asset.

If this opportunity matches your profile, or if you know someone who could be a great fit, please reach out or share this post.

InformationSecurity #RiskManagement #Consulting #Luxembourg #Cybersecurity

  • (Senior) Information Security Risk

    il y a 2 semaines

    Luxembourg European Investment Bank Temps plein

    The **EIB**, the European Union's bank, is seeking to recruit for its Office of the Group Chief Compliance Officer (GR&C - OCCO) - Group Non-Financial Risk Department (GNFR), Project Management and Information Security Division (PMI), Information Security Risk Unit (InfoSec) at its headquarters in Luxembourg, a **(Senior) Information Security Risk & Business...

  • Senior Information Security Officer

    il y a 12 heures

    Luxembourg AXA Luxembourg Temps plein

    Devenez **Senior Information Security Officer** chez AXA Luxembourg, pour un contrat à durée indéterminée **Notre environnement de travail** Fière d'appartenir au Groupe AXA, une marque d'assurance internationale et un leader mondial des services financiers, la société AXA Assurances Luxembourg est un acteur majeur du secteur des assurances au...

  • Information Security Officer

    il y a 2 semaines

    Luxembourg NTT Temps plein

    NTT is a leading global IT solutions and services organisation that brings together people, data and things to create a better and more sustainable future. In today’s ‘iNTTerconnected’ world, connections matter more now than ever. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve...

  • Information Security Analyst

    il y a 2 semaines

    Luxembourg Next Gate Tech Temps plein

    **About Next Gate Tech**: At Next Gate Tech, we create technologies that reshape the landscape of the fund industry operations. We empower our clients by capturing the full potential of harmonized data to drive intelligent and fully automated operations. Our transformative solutions optimize processes, enhance efficiency, reduce risks, and drive cost savings...

  • Information Security Consultant

    il y a 2 semaines

    Luxembourg Luxfactory Temps plein

    Are you a certified Information Security professional looking to take on a high-impact advisory role in a critical infrastructure environment? We are currently hiring an Information Security Consultant for a long-term mission in Luxembourg. The project focuses on strengthening information security governance, risk, and compliance practices in alignment with...

  • Information Security

    il y a 3 jours

    allée Scheffer, Building C, L- Luxembourg - Europe, Luxembourg Crédit Agricole Temps plein

    Informations générales Entité CALI Europe, compagnie d'assurance-vie luxembourgeoise du Groupe Crédit Agricole, est implantée au Grand-Duché de Luxembourg depuis 1998. Elle est filiale de Crédit Agricole Assurances, leader de l'assurance en France.Acteur incontournable du marché, CALI Europe commercialise, au travers d'un réseau de partenaires...

  • Information Security

    il y a 3 jours

    Luxembourg, Luxembourg Crédit Agricole Temps plein

    Description du posteMission:En tant qu'Information Security & Business Continuity Officer, Vous piloterez la sécurité des systèmes d'information et la continuité d'activité de l'entreprise. Vos missions incluent l'évaluation des risques SSI, l'élaboration des plans de continuité, l'accompagnement des métiers dans leurs projets et la sensibilisation...

  • Information Security Manager

    il y a 2 semaines

    Luxembourg China Merchants Bank Temps plein

    H- Posted by - Hongyi Xu- Recruteur Company: China Merchants Bank Luxembourg China Merchants Bank Co., Ltd., founded in 1987, is China’s first joint-stock commercial bank which has been ranked among China’s top commercial banks for many consecutive years. CMB set up a branch that provides commercial banking services in Luxembourg in March 2015 and acts...

  • Information Security Oversight Manager

    il y a 2 semaines

    Luxembourg PayPal Temps plein

    At PayPal (NASDAQ: PYPL), we believe that every person has the right to participate fully in the global economy. Our mission is to democratize financial services to ensure that everyone, regardless of background or economic standing, has access to affordable, convenient, and secure products and services to take control of their financial lives. Job...

  • Information Security Governance Consultant

    il y a 2 jours

    Luxembourg SIRCONSULTING RH Temps plein

    We are looking for our future Information Security Governance Consultant to complete our team. Your missions are defined as follows: - Assist our clients in the implementation of their strategy - Identify the security projects - Assess the maturity of controls - Manage Information Security and its risks Required profile: - Master's degree - SCADA...