Cybersecurity Risk & Compliance Consultant

Location: Hybrid – Luxembourg

Start Date: June 2025

Contract Type: Freelance / B2B

Overview:

A leading public-sector institution is seeking an experienced Cybersecurity Risk & Compliance Consultant to support its structured risk management initiatives within the ICT environment. The role focuses on assessing cybersecurity risks, maintaining governance documentation, and following up on internal controls and action plans in line with strategic and operational goals.

Key Responsibilities:

• Coordinate and execute cybersecurity risk assessments and ensure proper documentation in the risk register.
• Support the collection, verification, and analysis of risk-related data from technical teams.
• Draft and maintain action plans, recommendations, and reports on cybersecurity posture and improvements.
• Collaborate across departments to integrate risk-by-design principles into operations and projects.
• Assist in incident analysis and follow-up, ensuring findings are recorded and addressed.
• Monitor and report on the progress of risk mitigation measures and internal control frameworks.

Requirements:

• Master’s degree in Cybersecurity, Information Systems, or a related field.
• 6+ years of relevant experience, including:
• 3 years in ICT security governance or ISMS implementation.
• 2 years managing or leading cybersecurity-related projects.
• At least one recognized security certification (e.g., CISSP, CISM, CISA).
• Fluent English (written and spoken); knowledge of French is a plus.
• Strong skills in documentation, stakeholder coordination, and structured reporting.