Cybersecurity Consultant in Luxembourg

•     Contribute to Security Management activities:
  


•     Contribute to building the strategic view for the future of ICT security
  


•     Draft ICT Security policies, standards, guidelines;
  


•     Perform market reviews, products analyses, studies, lead security-related solutions assessments and labs;
  


•     Lead and manage Security-related projects;
  


•     Support project and application owners in designing, implementing and maintaining ICT Security:
  


•     Perform Risk analysis according to state-of-the-art methodologies and practices (including standards such as EBIOS, ISO 27005);
  


•     Elaborate ICT Security requirements for in-house and outsourced projects and applications;
  


•     Define and review architectures for security systems and various kinds of IT components;
  


•     Coordinate ICT Security activities in the projects, provide support to project managers;
  


•     Supervise Security testing/assessment throughout the projects;
  


•     Protect the Institution’s ICT infrastructure and applications.
  


•     Perform and/or supervise system risk analysis.
  


•     Define security-operating procedures for systems and products.
  


•     Define risk management plans related to ICT security.
  


•     Define and deliver user awareness programs;
  


•     Auditing and reviewing configuration of software, communication, computing systems;
  


•     Respond to incidents and perform technical analysis tasks;
  


•     Design, implement and manage technical security architectures, systems and software;
  


•     Collect information on ICT assets and categorize them according to the taxonomy.
  


•     Develop scripts and programs for a more efficient automation.
  


•     Regularly attends conferences, professional association meetings, and technical symposia to remain aware of the latest information security        technological developments.
  


•     Acts as a technical consultant on information security incident investigations and forensic technical analyses.
  

Requirements

•     Master's level degree in ICT + at least one ICT Security professional certification is also required (CISSP or CISA)
  


•     At least 10 years of professional experience in IT security
  


•     3 years of experience related to ICT security management (e.g. ISMS implementation, cybersecurity policy management, development of            security policies and standards); 
  


•     2 years of experience as a team leader or project leader for major security-related projects; 
  


•     Strong hands-on experience with Cloud security architecture (both AWS and Azure);
  


•     Experience with risk management and risk assessment tasks;
  


•     Experience with defining, implementing and managing ICT and Information policies, standards, procedures and guidelines;
  


•     Knowledge of ICT Security capability building through roadmaps, action plans, maturity models;
  


•     ISO 27k knowledge, having a certificate is an advantage;
  


•     ITSM practice and implementation of GRC tools (ServiceNow);
  


•     Operational best practices like Business continuity plan and Disaster Recovery;
  


•     Ability to understand and evaluate the impact of technological decisions on overall business outcomes;
  


•     Fluency in English, French language knowledge is a plus.