Cybersecurity BAU Consultant

About the Role

We are looking for an IT Cybersecurity Implementer Consultant to support the operational cybersecurity activities, governance, risk documentation, and security reporting for an international financial institution in Luxembourg.

You will work as part of the Cybersecurity team, contributing to BAU activities, security assessments, documentation, reporting, and coordination with internal and external stakeholders.

The working language is English, and it is a multi-cultural environment for an IT project in the Public Sector.

Your Responsibilities

You will support the institution’s cybersecurity operations by:

🔹 Security Operations & BAU

• Handling security incidents and security-related user requests
• Supporting vulnerability management, including following up remediation
• Supporting the coordination and remediation linked to penetration tests
• Performing threat analysis, including spam/phishing message assessment
• Monitoring and assessing relevant threat intelligence sources

🔹 Governance, Risk & Compliance

• Supporting cybersecurity governance and compliance activities
• Contributing to internal cybersecurity assessments (e.g., DLF)
• Preparing and updating cybersecurity documentation, policies, and procedures
• Preparing documentation for internal and external audits

🔹 Reporting & Documentation

• Preparing security service reports (e.g., incidents, vulnerabilities, patching, risk indicators)
• Contributing to KRI reporting, dashboards, and other risk metrics
• Creating or reviewing security requirements, test cases, and plans
• Preparing material for cybersecurity governance meetings (agendas, minutes, summaries)
• Performing quality assurance on cybersecurity documentation

🔹 Other Activities

• Supporting business continuity and disaster recovery activities
• Contributing to security awareness initiatives
• Coordinating tasks with external service providers
• Supporting reviews of cybersecurity tools and market evolution

Your Profile

Education

• Bachelor’s degree (minimum 3 years), Master’s degree, or PhD
• Degree in computer science, cybersecurity, engineering, or other ICT fields
• A non-IT degree may be accepted if combined with significant ICT work experience

Technical Skills

• Experience in incident management
• Experience following up vulnerability remediation
• Ability to support penetration testing activities
• Experience performing threat analysis
• Familiarity with NIST Cybersecurity Framework and/or Essential Eight
• Understanding of Microsoft 365 and Azure security areas (knowledge required as a strong advantage)
• Experience supporting threat intelligence, BCP/DR, and governance tasks
• Broad understanding of cybersecurity tools, concepts, and practices

Soft Skills

• Proactive “can-do” attitude
• Ability to work independently on BAU and governance tasks
• Strong stakeholder coordination skills
• Ability to organize meetings and maintain documentation
• Excellent written and spoken English

If you would like to apply, please send your CV in English, highlighting your experience in incident handling, vulnerability management, governance support, threat analysis, and cybersecurity documentation, via Linkedin or at the following email: [email protected]

Please read carefully the privacy policy available here and submit your application by attaching your CV. We remind you that, pursuant to Article 111-bis of the Privacy Code, it is not necessary to obtain authorization for the processing of personal data contained in your CV.