Information Security Officer (m/f/d)

Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

IFS - Risk & Quality (R&Q)

Management Level

Associate

Job Description & Summary

Pwc Luxembourg is hiring an Information Security Officer (m/f/d). What if it was you? 

 

Who we are: We are the largest professional services firm in Luxembourg, providing audit, tax and advisory services including management consulting, transaction, financing and regulatory advice to a wide variety of clients. To make it happen, we count on the expertise of over 3,700 people from more than 94 different countries, who strive every day to reach excellence and team up to solve important problems through innovative solutions. We value diverse and singular career paths, embrace everyone's unique self and encourage our People to fuel their potential in a work environment that is inclusive, stimulating, and motivating. 

 

Your mission: As an Information Security officer, you will join a team of experienced Information Security professionals working as an internal service team part of the Risk and Quality department. Independent from the IT and operational teams, you will be part of the ‘second line of defense’ acting in the governance side of Information & Cyber Security. You will closely interact with technical teams to maintain a high level of security standard, in compliance with the PwC Network, applicable laws and regulations, and our Clients’ expectations. While being a member of the Luxembourg PwC Firm, you also be considered as a member of the PwC Network’s Information Security team and will be interacting with your peers and with PwC Global security teams worldwide.

Be a part of our team where you will:  

• Analyze security audit reports (from pentests, red team exercises, security assessment tools, etc.), understand the vulnerabilities and establish action plans to remediate them. You will liaise with our IT specialists to find the most appropriate remediation and ensure the follow up of the action plans until they are completed;
• Participate to our vulnerability management and security hygiene activities;
• Assessing the security of our service providers (especially on the cloud) and identifying associated risks;
• Draft communications and responses addressed to clients seeking to assess our security measures;
• Provide assistance in collecting evidences, explanations, and follow up of recommendations in the context of the security audits to which we are subject to;
• Draw-up security procedures and policies;
• Participate in the life cycle of our Information Security Management System, which is ISO 27001-certified;
• Maintain an effective and constant communication with our various stakeholders (IT, internal and external clients, Risk & Quality teams and leaders, etc.);
• Act as a security consultant on joint projects, as well as with the global PwC network on international projects and initiatives.
  
  

Besides this, you will be lending your expertise and supporting the team in performing recurrent team activities daily, such as:

• Participating to the design and deployment of the security awareness program for employees;
• Intervene in the treatment of Information Security incidents;
• Performing security audits of our systems and applications and;
• Supporting the Service Desk at level 3 in handling tickets relating to security aspects.
  
  

Let’s talk about you. If you … 

• Have a master’s degree in Computer Science or equivalent with a specialization in information security;
• Are proficient in English, French is an asset;
• Have excellent communication and writing skills;
• Have a team spirit;
• Have talent for negotiating with various stakeholders and have a good analytical thinking to help finding the most appropriate solutions;
• Are meticulous, methodical and proactive;
• Can handle pressure and manage priorities and time constraints;
• Have a certification in information security (CISM, CISA, CISSP, CRISC, ISO 27001, Lead Auditor/Implementer, etc.), it would of course be an asset;
  
  

Furthermore, you have a good knowledge of the following:

• Windows environments (OS, Active Directory, SharePoint);
• Security in web and cloud environments (Azure, AWS);
• Vulnerability Management;
• Risk-analysis methods.
• A good understanding of ISO 27001 and other security standards will be an asset.
  
  

…You are the candidate we are looking for! 

 

A final word about us:  

At PwC, we believe diversity is the representation of all the characteristics that make us both alike and unique. Our backgrounds, cultures, nationalities, lifestyles, identities, opinions and beliefs, approaches to solving problems, ways of working, and views of personal and professional success, all add value to the services we deliver to our clients. Our objective is to nurture an inclusive environment where a diverse mindset is ingrained, and inclusion is the norm. We constantly focus on respecting and valuing individual differences. 

 

Ready to grow your potential, reaching excellence together? Apply now!  

 

Want to keep up with our latest updates? Follow us on: LinkedIn | Instagram | Twitter | Facebook | TikTok 

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure, Operating Model, Optimism, Privacy and Security {+ 6 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

Yes

Government Clearance Required?

No

Job Posting End Date