Information Security Manager (m/f)

Experis IT Luxembourg is looking for an Information Security Manager (m/f) for one of its clients in Luxembourg.

Your responsibilities

Develop the Information Protection Strategy

• Work closely with top management to define data security policies and access governance rules
• Set security-related goals and key performance metrics based on ISO27001:2022 and national requirements
• Allocate internal responsibilities, roles, and user access privileges across systems
• Identify necessary compliance programs (e.g., ISO certifications, PSDC standards, CSSF directives)
• Outline actionable plans to meet strategic information protection objectives

Implement and Manage the ISMS

• Write and maintain ISMS-related documentation including frameworks, procedures, and performance trackers
• Coordinate with internal departments to align cybersecurity activities
• Deploy risk mitigation measures like business continuity plans, recovery strategies, and vulnerability assessments
• Handle risk evaluation, incident response, and breach management
• Organize employee education and engagement on data protection and cybersecurity awareness
• Contribute actively to executive reviews by reporting on security operations and improvements

Supervise and Ensure Regulatory Compliance

• Monitor and uphold adherence to evolving legal and technical requirements
• Review and improve the ISMS performance and ensure its ongoing relevance
• Confirm and revise access rights across all business-critical systems
• Participate in internal and external compliance audits and oversee the completion of any corrective actions

Drive Ongoing Security Enhancements

• Advise leadership on new cyber threats, trends, and technological opportunities
• Suggest updates to current protocols and enhance security practices
• Assist in maintaining and renewing organizational certifications related to information security

Your profile

• Degree in IT or any related field.
• Minimum of 5 years' experience in Luxembourg in an operational position focused on information security
• In-depth knowledge in at least one of the following domains: IT and systems security, electronic document preservation and dematerialization services & ICT risk and cybersecurity compliance.
• ISO 27001 Lead Implementer certification is mandatory.
• Solid understanding of IT environments and electronic document management systems.
• Fluent in French and good level in English.

Client’s offer

• WorkA hands-on, career-boosting experience in a dynamic and supportive environment
• Modern workspace designed with employee well-being in mind
• Inclusive international team with a strong culture of collaboration and community

If you are interested by this opportunity, do not hesitate to apply here or to contact me directly: [email protected]