Security Analyst

Cybersecurity Analyst - Freelance/B2B

Location: Luxembourg (Hybrid - weekly presence onsite)

Contract Duration: 24 Months Project

About the Role

We are looking for a Cybersecurity Implementer Consultant to support a major Client in Luxembourg. This role focuses on day-to-day security operations, vulnerability management, threat analysis, cloud security, and coordination activities across internal teams and external service providers. The mission involves hands-on security work within a highly regulated and complex IT environment.

Key Responsibilities

Security Operations & BAU Activities

• Handle and investigate security incidents, including phishing, malware, and suspicious activity alerts.
• Respond to user security requests and provide technical guidance where needed.
• Analyse threats (spam/phishing campaigns) and ensure appropriate remediation steps are executed.
• Track and follow up on vulnerability remediation actions with technical teams.
• Lead or support BAU security initiatives and ensure the timely delivery of assigned tasks.

Threat, Vulnerability, and Testing Activities

• Conduct or contribute to vulnerability assessments and threat intelligence analysis.
• Support penetration testing activities and secure code reviews.
• Evaluate findings from security tools and help prioritise remediation.

Cloud & Microsoft Security Expertise

• Advise internal teams on security best practices within Microsoft 365 and Azure environments.
• Assist with review and improvement of architectures, configurations, and operational security controls.

Continuity, Governance & Risk

• Contribute to business continuity planning and disaster recovery activities.
• Support cybersecurity exercises and preparedness initiatives.
• Assist in governance-related tasks (risk management, policy updates, compliance alignment).
• Help align internal processes with recognised standards such as NIST CSF or the Australian Essential Eight.

Coordination & Stakeholder Communication

• Work closely with third-party security service providers on assigned topics.
• Organise and participate in meetings, preparing agendas, minutes, and action tracking.
• Provide clear reporting and documentation for all security-related activities.

Required Skills & Profile

Educational Background

• Bachelor’s degree or higher in Information Technology, Cybersecurity, Engineering, or similar.
• Non-technical degrees may be considered when combined with relevant professional experience.

Professional Experience

Depending on seniority submitted:

• Junior Consultant: 0–3 years
• Consultant: 3–7 years
• Senior Consultant: 7–10 years

Technical Competencies

• Strong understanding of core cybersecurity principles, operational security, and common security tools.
• Hands-on experience in:
• Incident response & threat analysis
• Vulnerability management
• Malware/phishing investigations
• Cloud security (Azure, Microsoft 365)
• Experience with penetration testing activities or secure code assessment is a plus.
• Familiarity with cybersecurity frameworks (NIST CSF, Essential Eight) is an asset.
• Project management certifications (PM2, Prince2, PMI) are considered beneficial.

Soft Skills

• Proactive, solution-oriented mindset (“can-do” attitude).
• Strong analytical and problem-solving skills.
• Ability to work independently on assigned tasks and BAU initiatives.
• Comfortable coordinating with internal teams and external providers.
• Excellent communication skills in English (C1 or above).
• Strong organisational skills, including meeting preparation and follow-up.

Work Environment & Onsite Requirement

This is a hybrid assignment with 80% onsite work in Luxembourg (4 days per week).

Remote work is limited to one day per week and only with prior agreement.