Information Security Governance Consultant / + de 3 ans d'expérience / Français C1 C2 / Anglais B1 H/F

Ce cabinet de conseil et d'intégration de technologies dans le monde de la sécurité des biens immatériels.est basé au Grand-Duché du Luxembourg depuis 2012.

Il accompagne ses clients tout au long du cycle de vie de leurs systèmes d'information.

Son rôle de conseil lui permet d'intervenir dans la globalité des projets et ses compétences d'intégration d'être un partenaire complet de ses clients dans la mise en oeuvre de nos recommandations.

Be part of a great team

As an Information Security Governance Consultant, you will be part of a multidisciplinary team and you will work in the Information Security Governance department.

The team is made of experienced and junior consultants with a mix of specialties proper to each consultant.

The team is in charge of information security governance consulting and support.

They also provide services in the following areas :

• Definition of an organization's security strategy and establishment of its short, medium and long-term security program
• Management and organization of information security and establishment of the governance framework (security policies)
• Information security risk management
• Resilience support (BCP/DRP, incident management, cyber crisis management, etc.)
• Cloud services security Support for regulatory compliance (GDPR, CSSF, etc.) and standards compliance (ISO 27001, NIST CSF, CIS 20 certification)
• CISO support or CISO function within an organization take-over Information security maturity assessment and audit.

The objective of the services provided by the Information Security Governance team is to understand and analyze the business needs of the clients and to decline them into Information Security requirements.

Therefore, the team is able to assist clients in their maturity increase through the different approaches defined within the department.

Your mission as an Information Security Governance Consultant :

As an Information Security Governance consultant, mostly known as ISG, you will first need to have a structured risk approach and a good knowledge of the implementation of security measures in organizations.

Your main objective will be to assis the clients in the implementation of their strategy by identifying the security projects to be initiated, assessing the maturity of controls and advising the choice of treatment to be adopted regarding the risks organizations are facing.

The objective is to make information security a determining element in the value of the company while being pragmatic with the realization of the field.

You are passionate about Information Security and have the ambition to work in the governance aspects of the business.

From an engineer level or equivalent, you possess the necessary knowledge to manage Information Security and its risks.

Your skills as an Information Security Governance Consultant

You understand how governance can structure an information security approach

You are constantly on the lookout for issues related to cybersecurity

You communicate with ease and you know how to convey clear messages to different interlocutors (Management, CISO, IT, Business, etc.)

You have strong writing and analytical skills

You propose structured approaches and are organized in your work

You are able to step back from a problem and have a long-term vision of how to address it

You are familiar with security standards (ISO 27001, NIST CSF, CIS 20, SWIFT, etc.)

You possess certifications such as CISSP, ISO27001 Lead Implementer / Lead Auditor, ISO27005 Risk Manager, CISM, etc

You understand the technical issues specific to information systems (networks, systems, etc.)

English level required: good (written and oral) equivalent to minimum B1.

You have a good state of mind, you're capable of working within a team and ready to take part in a great adventure.

You are also dynamic, reactive, ambitious, creative, independent and you are not scared to share your mind.

You have capacities to adapt and to take some initiatives.