IT GRC Specialist

EDAN Luxembourg is a Consultancy company, specializing in connecting top-tier talent with roles in the vibrant job market of Luxembourg. With a focus on Information Technology, Finance, and Insurance, we understand the unique demands of these sectors and work diligently to match skilled professionals with the perfect opportunities.

We’re looking for a GRC Specialist (m/f) to join our client on-site in Luxembourg.

Mode: On-site with teleworking flexibility, aligned with current legislation

Contract: CDI (open for permanent employees and/or freelancers)

Language requirement: Fluent French & English.

Salary: To be discussed.

Location: Luxembourg

Responsibilities:

• Policy Development and Implementation: Develop, implement, and maintain governance, risk management, and compliance;
• Risk Assessment and Management: Conduct regular risk assessments to identify, evaluate, and prioritize risks across the organization, ensuring timely mitigation actions are implemented. Establish risk management framework processes and tools to monitor compliance with security standards and policies.
• Regulatory Compliance: Monitor compliance with information security and privacy policies, ensuring adherence to standards such as ISO 27001, GDPR, and other relevant regulations. Coordinate the treatment of non-conformities and exceptions to information security policies, norms, and laws.
• Audit and Assessment: Conduct audits against various standards and regulations, including ISO 27001, PCI DSS, and GDPR.​ Perform internal and external information security risk and compliance assessments, documenting findings and providing remediation guidance. ​
• Training and Awareness: Design and implement comprehensive information security and cybersecurity awareness and training programs on various topics.​ Develop and deliver training materials to foster a culture of security awareness within the organization. ​
• Stakeholder Collaboration: Work with cross-functional teams and interface with third parties to support compliance and risk management activities.​ Provide expert guidance on best practices in information security and cybersecurity to internal and external stakeholders.

Qualifications:

• Bachelor's or Master's degree in Information Technology, Information Security, Risk Management, or a related field.​
• At least 3-5 years of experience in information security, cybersecurity, or related fields, with a focus on compliance and risk management.​
• Proven experience managing cybersecurity control programs with in-depth knowledge of frameworks such as the ISO 27000 series, GDPR, and other regulatory requirements.
• Certifications such as ISO 27001 Lead Implementer, ISO 27005 Risk Manager, CISSP, CISM, or similar are highly desirable. ​

Why Join Us?

At EDAN, we believe that happy employees drive success. As an IT consultancy that truly values its people, we foster a culture of growth, recognition, and collaboration. From quarterly business lunches to celebrating achievements, we ensure your hard work never goes unnoticed.

What We Offer:

• A Rewarding Package that reflects your talent

• Permanent contract

• Continuous Learning

• Career Advancement

How to Apply:

If you meet the qualifications for this role, please apply below or send your CV directly to: [email protected]

#ITJobs #Hiring #CareerGrowth #TechInnovation #luxembourg #luxembourgjobs #europejobs