Information Security Consultant
il y a 1 mois
**Mission**
In support of the Risk Management team, the Consultant will provide the following services:
- Establish risk guidelines for the information security strategy
- Establish guidelines for the design of the information security controls
- Align the risk appetite for security incidents and vulnerability management with the IT Security function
- Monitor and review the management of security events, incidents, and vulnerabilities upon their conclusion
- Establish an Identity and Access Management (IAM) policy, review the implementation of the controls and conduct periodic reviews of user access
- Participate in the planning of IT security assessments and penetration testing by the IT Security function and review the status of the follow-up actions
- Review the management of IT security incidents
- Review the management of web activities reports
- Review the performance monitoring reports (availability, backup, capacity, network)
- Provide input to the trainings and phishing exercises organised by IT&FM
- Perform periodic reviews of the information security risk assessments conducted for prospective service providers and the risk assessments conducted pursuant to the Outsourcing Policy
- Establish information security rules which are reflected in Information Security Policy
**Deliverables**
The Consultant will be responsible for providing the following deliverables:
- Conduct a thorough assessment of our current information security protocols and procedures
- Contribute to defining the Information Security Strategy, including cyber risks mitigation
- Develop a comprehensive report detailing areas of vulnerability, potential threats, and recommendations for improvement
- Work with our IT Security department to implement recommended changes to current systems and policies
- Provide ongoing support and monitoring to ensure that information security measures remain effective and up to date
- Review and enhance Information Security training programs
- Support with the procurement and assessment of new IT systems and outsourced providers
- Design and perform regular IT access review and implementation of IT controls
- Provide assurance to the overall User Access Management Process on a periodical basis
**Skills**
The Consultant will have the following profile:
- Degree level education in field of IT risk management, Computer Sciences, information management or related disciplines
- Minimum 8 years relevant experience in Information security or related activities
- Proven track record of success in information security implementation, information security audit, preferably in a financial services domain
- Experience of Information Security Policy implementation and maintenance
- Knowledge of relevant ISO standards (e.g. ISO/IEC 2700x)
- CISA/CISSP or equivalent certification
- Technically expert in information security with a strong understanding of industry best practices and regulations
- Knowledge of principles and techniques of information security risk analysis and assessment
- Experience of incident management and/or crisis management response procedures
- Experience of investigation and response management
- Experience of developing and implementing monitoring, performance, and reporting metrics
- Exposure to operational risk management and activities will be considered a plus
- Strong written and verbal communication skills
- Fluency in English
-
Information Security Consultant
il y a 1 mois
Luxembourg Lux-Advisory Temps plein**Lux-Advisory **is a company specialized in project management and business analysis. Our consultants take part in European or International projects. To support the increase of our activity, we are currently looking for a **Information Security Consultant.** **Mission** In support of the Risk Management team, the Consultant will provide the following...
-
(Senior) Information Security Officer
il y a 6 jours
Luxembourg European Investment Bank Temps pleinThe **EIB**, the European Union's bank, is seeking to recruit for its **Group Risk & Compliance Directorate (GR&C) - Office of the Group Chief Compliance Officer (GR&C-OCCO) - Group Non-Financial Risk Department (GNFR), Project Management and Information Security Division (PMI), Information Security Risk Unit (InfoSec)** at its headquarters in Luxembourg, a...
-
Information Security Officer
il y a 2 semaines
Luxembourg, Luxembourg Luxair Temps pleinFor our department IT Security within General Services, we are looking for a (an):Information Security Officer (m/f/x)Description:As Information Security Officer you will activelycontribute to maintaining and strengthening Luxair group's information securityposture.Drivenby a strong interest in cybersecurity, you will actively support the Head of...
-
Cyber Security Consultant
il y a 2 semaines
Luxembourg Deloitte Temps pleinYour future team Deloitte provides a broad range of cyber security services to respond to a fast-paced and ever-changing environment. Our cyber security experts have hands-on experience not only in assessing complex networks and systems, but also in designing and implementing information security governance and transformation programs. As a...
-
Cyber Security Consultant
il y a 2 semaines
Luxembourg Deloitte Temps pleinYour future team Deloitte provides a broad range of cyber security services to respond to a fast-paced and ever-changing environment. Our cyber security experts have hands-on experience not only in assessing complex networks and systems, but also in designing and implementing information security governance and transformation programs. As a...
-
Information Security Risk Analyst H/F
il y a 2 semaines
Luxembourg, Luxembourg Arhis Temps pleinArhis People Solutions is your trusted partner for all your human resources needs. With a tailor made approach and a commitment to integrity, we offer comprehensive services, from recruitment to talent management. Information Security Risk Analyst About our ClientOur client is a major player in Luxembourg's finance industry and as a signatory of the UN...
-
Senior Security Compliance Consultant
il y a 2 semaines
Luxembourg Devoteam Temps pleinDevoteam is an AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability. Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value. With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed...
-
Information Security
il y a 2 semaines
Luxembourg, Luxembourg Crédit Agricole Temps pleinDescription du posteMission:En tant qu'Information Security & Business Continuity Officer, Vous piloterez la sécurité des systèmes d'information et la continuité d'activité de l'entreprise. Vos missions incluent l'évaluation des risques SSI, l'élaboration des plans de continuité, l'accompagnement des métiers dans leurs projets et la sensibilisation...
-
Information Security, Senior Officer
il y a 6 jours
Luxembourg Arendt & Medernach Temps pleinArendt & Medernach is the leading independent business law firm in Luxembourg with over 800 professionals. The firm’s international team of more than 450 legal experts represents Luxembourg and foreign clients in all areas of Luxembourg business law from its main office in Luxembourg and representative offices in Frankfurt, Hong Kong, London, New York, and...
-
Information Security, Senior Officer
il y a 2 semaines
Luxembourg, Luxembourg Arendt & Medernach Temps pleinArendt & Medernach is the leading independent business law firm in Luxembourg with over 800 professionals. The firm's international team of more than 450 legal experts represents Luxembourg and foreign clients in all areas of Luxembourg business law from its main office in Luxembourg and representative offices in Frankfurt, Hong Kong, London, New York, and...
