IT Security Expert (m/f/n)

Department: Energy Business IT | Location: Esch-sur-Alzette | Contract: Permanent |

Job Requisition N°19522

Your tasks

• You ensure the effectiveness and resilience of security controls across a modern IT landscape, including cloud platforms (e.g. Azure, AWS), containerized environments (e.g. Kubernetes, Docker) and infrastructure managed through automation and GitOps practices (e.g. Terraform, GitLab, ArgoCD).
• You monitor and analyse security events using detection and response platforms (e.g. SIEM, XDR, Microsoft Sentinel, Wazuh), investigating anomalies and coordinating appropriate response actions.
• You strengthen the security posture by identifying and managing vulnerabilities through scanning and assessment approaches (e.g. Qualys, Trivy), working closely with engineering teams to ensure timely remediation.
• You contribute to incident detection and response by leveraging log analysis, endpoint and network telemetry, and threat exposure platforms (e.g. Defender, XMCyber), supporting investigation and containment activities.
• You enhance detection and monitoring capabilities by improving use cases, alerting logic and data integration across security and observability platforms.
• You support incident handling from initial triage to resolution, including deeper technical analysis and coordination with internal and external stakeholders.
• You contribute to the secure configuration and continuous improvement of core security controls such as identity and access management (e.g. Azure AD, IAM), network security (e.g. firewalls, WAF, proxy solutions) and endpoint protection.
• You integrate security into engineering workflows by embedding controls into CI/CD pipelines and infrastructure-as-code processes (e.g. GitLab CI), and by leveraging policy-as-code and security automation tools (e.g. Kyverno, Renovate, Trivy), ensuring secure and automated delivery.
• You participate in the evaluation and optimisation of security technologies, including application security testing tools (e.g. MobSF), contributing to their integration within the overall architecture and ensuring their effective operational use.
• You collaborate with DevOps and platform teams to build scalable, secure-by-design solutions aligned with cloud-native and microservices architectures.
• You act as a technical reference for security topics, providing pragmatic guidance and contributing to the continuous improvement of security practices across the organisation

Your profile

• You hold a university degree in IT or have an equivalent professional qualification in Cybersecurity or Information Technologies
• You have minimum of 2 years of experience in a similar role
• You have an in-depth understanding of current cybersecurity trends, technologies, and best practices
• You are committed of staying updated on the latest security technologies
• You are familiar with dev ops procedures and technologies
• Proven experience of analysing security scans, identifying potential exploits, and recommending appropriate remediation strategies
• Strong expertise in interpreting log data to identify security breach patterns and anomalies
• Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders
• Experience collaborating with cross-functional teams, particularly with DevOps engineers and other IT professionals
• You have good verbal and written communication skills in English, French and German
• Relevant certifications such as CISSP, CISM, CompTIA Security+, or similar, are highly desirable

What we offer

“Together we build the future of Luxembourg’s energy transition”

• The opportunity to join a Group that actively shapes the energy transition in Luxembourg and the Greater Region
• A multicultural and international working environment that encourages diversity and inclusion
• A competitive salary with additional benefits (e.g. pension plan, additional health insurance, free parking, company restaurant, etc.)
• A significant stability of employment and the possibility to evolve within the Group
• Continuous learning and development career path adapted to the needs of each employee
• Hybrid working mode with the possibility to work from home

For external applications, a recent copy of the police record will be requested if you are invited for an interview.