Information Security Governance Consultant | HT2025PM0701

Customer

Customer is a consulting and technology integration firm specializing in the field of intangible asset security.

Based in the Grand Duchy of Luxembourg since 2012, they support clients throughout the lifecycle of their information systems. Their consulting role allows them to work across the entire project spectrum, and their integration expertise allows them to be a complete partner for their clients in implementing their recommendations.

Language

Language

Level

Frequency

Level

French

Fluent

Daily

C1 – C2

English

Professional

Daily

B1

Job Summary

As an Information Security Governance Consultant, you will be part of a multidisciplinary team and you will work in the Information Security Governance department. The team is made of experienced and junior consultants with a mix of specialties proper to each consultant. The team is in charge of information security governance consulting and support. We also provide services in the following areas:

· Definition of an organization’s security strategy and establishment of its short, medium and long-term security program;

· Management and organization of information security and establishment of the governance framework (security policies);

· Information security risk management;

· Resilience support (BCP/DRP, incident management, cyber crisis management, etc.);

· Cloud services security;

· Support for regulatory compliance (GDPR, CSSF, etc.) and standards compliance (ISO 27001, NIST CSF, CIS 20 certification);

· CISO support or CISO function within an organization take-over;

· Information security maturity assessment and audit.

The objective of the services provided by the Information Security Governance team is to understand and analyze the business needs of our clients and to decline them into Information Security requirements. Therefore, the team is able to assist clients in their maturity increase through the different approaches defined within the department.

Responsibilities & Duties

As an Information Security Governance consultant, mostly known as ISG, you will first need to have a structured risk approach and a good knowledge of the implementation of security measures in organizations. Your main objective will be to assist our clients in the implementation of their strategy by identifying the security projects to be initiated, assessing the maturity of controls and advising the choice of treatment to be adopted regarding the risks organizations are facing. The objective is to make information security a determining element in the value of the company while being pragmatic with the realization of the field.

You are passionate about Information Security and have the ambition to work in the governance aspects of the business. From an engineer level or equivalent, you possess the necessary knowledge to manage Information Security and its risks.

Essential Skills

· You understand how governance can structure an information security approach;

· You are constantly on the lookout for issues related to cybersecurity;

· You communicate with ease and you know how to convey clear messages to different interlocutors (Management, CISO, IT, Business, etc.);

· You have strong writing and analytical skills;

· You propose structured approaches and are organized in your work;

· You are able to step back from a problem and have a long-term vision of how to address it;

· You are familiar with security standards (ISO 27001, NIST CSF, CIS 20, SWIFT, etc.);

· You possess certifications such as CISSP, ISO27001 Lead Implementer / Lead Auditor, ISO27005 Risk Manager, CISM, etc;

· You understand the technical issues specific to information systems (networks, systems, etc.);

· Level required in French: fluent to native (written and oral) equivalent to C1 -C2;

· English level required: good (written and oral) equivalent to minimum B1.

Nice to have Skills

Background Check Required

N/A

Benefits

· Salary commensurate with experience

· Variable: Depending on the employee's and company's performance

· Company car or budget leasing

· Fuel card (even if the person does not want a company car)

· Health insurance (dental, hospital, and vision)

· Teleworking according to current quotas (depending on the country of residence)

· Pension plan (the company contributes €1,000/year for the employee)

· Internal and/or external training covered by the company

· Sympass card covered 100%

· Agreement with banks

Interview Process

Two interviews are planned:

HR telephone interview

Technical interview with the manager (by phone, in-person, or in person).

Guarantee Period

· 30 Days. A written confirmation is required from the candidate at the time of profile submission.

· We do not sponsor work visa. Applicant must have valid work eligibility to apply for this position.