Luxair
Information Security Officer (m/f/x)
LuxairLuxembourg1 day ago
Full-timeInformation Technology
For our department IT Security within General Services, we are looking for a (an):

Information Security Officer (m/f/x)

Description:

As Information Security Officer you will actively contribute to maintaining and strengthening Luxair group's information security posture.

Driven by a strong interest in cybersecurity, you will actively support the Head of IT Security in coordinating and implementing risk-based security measures, ensuring that policies, controls, and processes effectively protect the Group’s information assets and support all related activities of the IT department.

Responsibilities:

  • Ensure effective security monitoring and incident response through analysis of security logs using the existing SIEM, working with the Managed SOC to validate alerts, minimize false positives, detect threats, and develop incident response playbooks for coordinated, timely actions
  • Support the overall identity and access control management process, including Identity and Access Management (IAM), Privileged Access Management (PAM), and Identity Governance and Administration (IGA), ensuring proper user lifecycle management, access provisioning, privileged account protection. While promoting secure access practices across the organization
  • Conduct risk and security assessments for internal and third-party solutions in line with established standards
  • Contribute to the design, execution, and follow-up of vulnerability assessments, and penetration testing, ensuring timely remediation of identified weaknesses
  • Contribute to the creation and maintain up-to-date baselines, secure configuration and system hardening activities with internal technical teams
  • Develop and maintain information security policies, standards, and procedures, ensuring compliance with frameworks such as PCI-DSS, and supporting related audits and assessments
  • Contribute to the information security awareness program

Education & Skills

  • Bachelor’s in computer science/information security or equivalent combination of education and experience that satisfy the requirements of the position
  • Previous relevant experience in Information Security
  • Have knowledge of enterprise security concepts: Zero Trust, Least Privileges, IAM, PAM, IGA, MFA, SSO, Secure by Design, Defense in Depth, SSDLC, Cryptography, etc.
  • Hands on experience operating security solutions (e.g. vulnerability scanners, EDR, …)
  • Hands on experience operating an Identity Governance and Administration (IGA) and Privileged access management (PAM) solution
  • Good analytical skills with the ability to clearly explain and summarize ideas
  • Excellent verbal, written and interpersonal communication skills in English

Desired or to be acquired criteria

  • Knowledge of industry best practices, standards, frameworks and regulations (NIST CSF, ISO27001, ISO27005, GDPR, NIS2, PCI-DSS…)
  • Hands on experience in IT infrastructure (e.g., Network, Unix, VMWare, Backups, Windows, …)
  • Ability to collaborate with both technical and non-technical staff
  • Strong passion and interest in information security
  • Organized, proactive and customer-oriented
  • Strong critical thinking and problem-solving skills
  • Self-motivated individual and able to work methodically with minimal supervision
  • Positive can-do attitude with a mature and professional approach
  • Skills in French or other languages (spoken and written)

The ideal candidate :

  • Knowledge of Luxemburgish or any other language is considered as asset

Key Skills

Ranked by relevance
Apply