IT Risk Consulting - Manager/Senior Manager

HACA Partners in brief

Created in 2016 in Luxembourg, HACA Partners is an approved audit firm (cabinet de révision agréé - supervised by the CSSF) focusing its energy and expertise to its core businesses:

• External Audit
• Internal Audit
• Regulatory & Compliance
• Risk Management
• Consulting services (Transactions Services, Valuation, Corporate Finance, IT Consulting, ESG, etc.)

Humility, Availability, Competencies, and Accountability are the values that shape our DNA; our objective is to offer tailored services of professionals with a wide range of experience and expertise. Since its launching, the firm is in constant development with a team now composed of more than 130 professionals across its offices in Luxembourg, Dakar, Casablanca and Paris.

As part of our ongoing expansion, we are significantly strengthening our IT Consulting Services, with a focus on:

• Cybersecurity
• Digital Operational Resilience Act (DORA)
• GDPR & Data Protection
• Business Continuity
• IT Project Management
• Digitalization and Artificial Intelligence (emerging areas)

About your future Business Line

Consulting

Within the consulting team, we provide secondment solutions to clients looking for experienced and specific profiles and we support our clients in various areas, among which corporate finance, valuation, ESG, project management and process improvement.

About your role

What you will do:

• Conduct Information Security and Business Continuity (gap assessments, audits, and remediation planning) across complex systems and applications
• Analyze IT, cyber, and operational risks, identify potential threats, and design effective mitigation strategies and control frameworks
• Review, design, and enhance policies, procedures, and governance frameworks aligned with regulatory requirements and industry best practices
• Support and deliver Digitalization initiatives and assignments, including:
• Assessing and optimizing digital processes and IT landscapes
• Supporting digital transformation programs with a strong focus on risk, security, and compliance
• Advising on tooling, automation, and process improvements
• Contribute to AI-related initiatives, including:
• Assessing risks related to Artificial Intelligence solutions (data privacy, model governance, bias, explainability)
• Supporting the implementation of AI governance and control frameworks
• Participating in AI use case assessments and readiness reviews
• Supporting the implementation of AI use cases
• Stay up to date with emerging technologies, including AI and digital trends, as well as evolving regulations and best practices
• Deliver end-to-end client engagements, including planning, execution, reporting, and follow-up
• Execute ad hoc advisory projects such as due diligence, regulatory readiness (including DORA), and IT architecture reviews
• Prepare clear, concise, and impactful reports with actionable recommendations for senior stakeholders and executive management
• Support the development and delivery of internal and client-facing training programs (cybersecurity, AI, digital topics)
• Identify business development opportunities within ongoing engagements and contribute to proposals and client development
• Contribute to the growth and structuring of the IT Consulting practice, including Digitalization and AI service offerings
• Build and maintain strong relationships across teams, stakeholders, and business lines

About your mission

What we are looking for a person:

• Strong intellectual curiosity, with a genuine interest in understanding how systems, processes, and emerging technologies operate
• A risk-oriented mindset, able to anticipate issues across IT, cybersecurity, digital transformation and AI environments
• Ability to analyze and synthesize complex information from multiple stakeholders and translate it into clear, actionable recommendations
• Capability to bridge technical, business, and regulatory perspectives, advising on process improvements, digital initiatives, and architecture changes
• Interest and affinity for Digitalization and Artificial Intelligence topics, with a willingness to continuously learn and adapt
• Excellent written and verbal communication skills, with the ability to engage effectively with senior stakeholders and executive management
• Proven ability to work independently and collaboratively in multidisciplinary and international environments
• Strong organizational and time management skills, with the ability to manage multiple priorities and deliver high-quality outcomes
• High level of attention to detail and commitment to excellence
• Good knowledge of:
• Information Technology and systems architecture
• Information IT Security and Cybersecurity frameworks
• Artificial Intelligence framework, LLM and generative AI.
• Business Continuity and resilience concepts

About you

To be the right fit for this position, you must have:

• A Master’s degree in Computer Science, Information Technology, Engineering, or a related field, ideally with a specialization in Cybersecurity or Artificial Intelligence
• Good understanding of Artificial Intelligence concepts and associated risks (e.g., data governance, model risk, explainability), with the ability to support clients in emerging AI-related topics
• At least 5+ years of relevant experience in IT, cybersecurity, IT risk or digital transformation—preferably within a professional services firm or financial services environment
• Strong technical understanding of IT environments, including applications, operating systems, databases, networks, and security architectures
• Exposure to or interest in Digitalization initiatives, such as process optimization, automation, or IT transformation programs
• Solid knowledge of regulatory and compliance requirements related to IT and information security (e.g., DORA, GDPR, IT outsourcing)
• Familiarity with industry standards and frameworks such as:
• ISO 27001 / ISO 22301
• NIST
• COBIT or similar GRC frameworks
• Excellent command of English and French (German is considered a strong asset)

Certifications (Considered an Asset)

CISSP, CISM, ISO 27001 Lead Auditor/Implementer, ISO 22301, CISA, CRISC, CGEIT, ITIL, PRINCE2, PMP, IAPP

What we offer

If you are interested in this job offer, you are welcome to apply!

• Young and dynamic company
• Diversified and interesting clients
• Learning curves with professional experience and trainings
• Warm work environment
• Flexibility at work (home working)
• Competitive salary package; and
• Lunch vouchers and health insurance.