Information Security Officer

jao.eu

Description

In the context of reinforcing its operations and the implementation of ISO27001, JAO is in search for an Information Security Officer able to on-board and to develop quickly in a diverse IT eco-system.

The person is foreseen to take over a series of duties associated with the ISMS management and to deliver support in the projects design and support and contribute actively in the implementation phases. The function will be in charge of supporting the implementation and following-up compliancy of the information security strategy and policies, to ensure confidentiality, integrity and availability of all information assets.

The Information Security Officer will monitor information security, cybersecurity and contributing to IT risk management programs based on industry-accepted information security and risk management frameworks. The person will work within the domain of the Chief Operations Officer and report directly with the Risk Manager who defines the information security roadmap and strategy, to help improve and communicate the maturity levels of information security, state of cybersecurity and IT risk practices across JAO. The person will support the Information Technology organization in regards to the implementation of information security strategy and policies.

**Responsibilities**:

- Support and implement information security policy, within the strategic goals of the organization, and translate this into information security concepts;
- Coordinate the continuous development, implementation and updating of security and privacy policies, standards, guidelines, processes and procedures in compliance with regulations and/or standards;
- Supporting and coordinating vulnerability and penetration tests with third parties, identifying, and defending against threats and coordinating follow-up actions;
- Analyze the information security risks and support different audits, as well as participate in the internal & external risk management processes;
- Following audits, propose practical and pragmatic action plan and technical and/or organizational measures to the management;
- Design and implement required controls related to information security;
- Proactive identification and reporting of information security risks as well as responding to observations identified by third party auditors;
- Assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current information security risks;
- Coordinate and assist information securityaudits and facilitate management response and remediation efforts;
- Support compliance officer to ensure overall IT compliance with regulatory requirements through proactive planning and communication;
- Assist during and report follow-up of cyber security incidents;
- Draft and propose disaster recovery plans;
- Support and enhance information systems security management awareness and provide trainings about information security.

Must Have Requirements
- Degree (or equivalent) in IT, engineering, or a related field;
- You have 2-5 years of experience in information security or information security advisory;
- Demonstrable evidence of analyzing, defining, documenting and implementing information security processes;
- Good presentation and communication skills;
- Knowledge of common information security management frameworks, such as ISO/IEC 27001;
- Familiarity with Network security and architecture;
- Familiarity with System hardening standards on Linux & Windows;
- Fluent in English with excellent written and spoken skills, any other language will be an advantage.

Nice To Have Requirements
- Experience with information security audits, reviews, and assessments, such as SOC II/ISAE 3402 is considered as an advantage;
- Experience with working with Security Operations Centers is considered as an advantage;
- Recent trainings or certifications in the area of information security, are considered as an advantage;
- Good problem-solving skills;
- Attention to detail.

We offer:

- 31 days holidays per year;
- Up to 40% of home office for Luxemburgish residents, 25%max for non residents;
- 150 Euros per month towards transportation (Bus/Train) or full reimbursement of parking tickets outside the office;
- 50 Euros per month towards sport;
- 18 Luncheon vouchers per month;
- DKV private health insurance for you and your close family members (Optional);
- Pension plan, including Life and Disability Benefits;
- 1,000 Euros towards training per year.