HubMub
-
Cargolux Airlines

Information Security GRC Engineer

Cargolux Airlines
Luxembourg · Full-time · Entry
Task Responsibilities:

Information Security Management System (ISMS):

  • Develop and maintain the ISMS at Cargolux,
  • Define and continuously improve relevant processes and procedures related to Governance, Risk and Compliance,
  • Measure the ISMS efficiency and effectiveness as well as its implementation and report on any deviations,
  • Maintain the security awareness program and trainings contents,
  • Manage the GRC solution.

Risk management:

  • Perform the Information Security risk assessment,
  • Ensure the risk management process is implemented and SLAs are respected,
  • Challenge and identify control implementation gaps and missing controls,
  • Define risk treatment plans and track their implementations.

Compliance:

  • Track compliance requirements and define strategies to achieve compliance,
  • Monitor status of compliance and report gaps/ risks,
  • Prepare and maintain regulatory deliverables,
  • Support different audit activities: internal to CV and external (third parties or authorities)
  • Lead and manage ISO27001 certification process and track and implement ISO27002 controls.

Essential Requirements For The Position:

Qualifications:

  • Minimum 5 years of experience in similar position.
  • Master degree in Information Security management, Cybersecurity, or any related field,
  • Information Security relevant degrees or certifications (e.g., ISO27001 Lead Implementer, CISSP, CISA, CRISC, ...).

Technical skills:

  • Experience with GRC tools and technologies, and familiarity with cloud security best practices and risk management,
  • Proven experience with Risk assessment and a good understanding of controls' relevance and sufficiency,
  • Experience with the entire controls monitoring life cycle, including identifying, assessing, monitoring, and re-mediating controls,
  • Proven experience in building Information Security related processes (e.g. Risk management process),
  • Proven experience in developing policies, standards and procedures,
  • In-depth knowledge of security frameworks, standards and regulations: ISO27001, SOC2, NIST CSF, NIS/ NIS2.

Soft skills:

  • Detail-oriented,
  • Strong verbal and written communication skills,
  • Leadership and influence: manage and drive complex projects, and manage multiple high-priority tasks, and collaborate with diverse teams,
  • Innovation and problem solving: develop solutions to overcome faced challenges (internal: organization, processes,.. and external: regulatory or contractual...).

Working Conditions:

  • Full-time, permanent position based in our HQ in Luxembourg
  • A Certificate of good conduct (Casier judiciaire, Polizeiliches Führungszeugnis) will be required in case of positive selection
  • The internal title for this position will be "Engineer Information Security"

Benefits We Offer

  • Flexible working hours and a work from home policy
  • Company car
  • Additional health insurance
  • 27 vacation days and additional 4 special paid-off days (incl. annual vacation allowance)
  • Numerous discounts in the wider region as well as selected travel discounts
  • Trainings and career mobility opportunities within the various departments
  • On-site parking and canteen (with subsidized meal vouchers)

Key Skills

Ranked by relevance

cloud security cybersecurity cissp cloud cisa nist
Login to Apply
🇱🇺

Country Guide

Luxembourg

High-value international enterprise and fintech hub

Posted
Feb 27, 2025
Type
Full-time
Level
Entry
Location
Luxembourg
Company
Cargolux Airlines

Industries

Airlines Aviation

Categories

Information Technology

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Queensland Airports Limited
Related

Senior Cyber Analyst

2026-05-26

Full-time
Not Applicable
Australia
Airlines
Engineering
View Job Details
Airbus
Related

ATR - Cybersecurity Manager

2026-05-25

Full-time
Not Applicable
France
Aviation
Information Technology
View Job Details
Qatar Airways
Related

TS Systems Engineer

2026-05-27

Full-time
Not Applicable
Qatar
Airlines
Information Technology