Risk & Information Security Officer Permanent Contract (M/F)
A real challenge in an international high-tech environment
EBRC (European Business Reliance Centre), leader in Luxembourg and in the Greater Region and a reference model in Europe in integrated one-stop-shop "Trusted Datacentre, Cloud, Managed Services & Advisory Services", aims to become a European Centre of Excellence and Trust in the protection and management of sensitive information.
As part of the development of its "Trusted Services Europe", at national level and at European level, EBRC is seeking to recruit a: Risk & Information Security Officer - Permanent Contract (M/F)
Within the “RISC – Risk, Information, Security & Continuity” team:
- You contribute to maintain sound Risk Management practices based on ISO 31000, ISO 27005 standards, and support EBRC in monitoring the evolution, assessment and the mitigation of threats;
- You participate in the definition and monitoring of organizational security, including internal controls, such as dashboards and key indicators, internal operational security governance and security policies baselines;
- You will also be responsible for ensuring compliance with EBRC certifications and regulatory requirement as well as the maintenance and continuous improvement of the associated information systems,
- You maintain and share your knowledge regarding risks evolutions & changes of Security good practices (NIST, ISO, SANS, Competition, Research, etc.) and regulatory requirements potentially applicable to client’s and EBRC’s environment;
- You provide information on internal risk management practices, controls, contexts and scopes of certifications and projects regarding questions, reviews and customer’s, prospect’s and other external stakeholders’ s audits;
- You support international security project whenever necessary, assist the Business Continuity Manager in his activities, and participate in the activities of the EBRC Computer Security Incident Response Team (CSIRT).
- You hold a BAC+3 to 5 in Information and Computer Security, Risk Management or equivalent;
- You have a first experience in the field of Information Security, Control or Risk Management;
- You have a Good technical knowledge of common information systems, Architecture concepts and Security Engineering;
- You have a good handling of Information Systems Security standards (ISO/IEC 27001 – Information Security, ISO/IEC 22301 – Business Continuity, ISO/IEC 27017 – ISMS of Cloud Services, Hébergeurs de Données de Santé (HDS), etc) and of the risk management and securities measure’s methodologies;
- You gained experience in managing projects and are comfortable in Luxembourg and European’s regulatory landscape (PSF, GPDR, etc.).
- Curious and attentive to details, you have a critical mind and a quality focus, and are comfortable in communication with different types of stakeholders.
- You are fluent in French and English, written and spoken.
EBRC offers you the opportunity to join a company with strong growth potential.
This position is also accessible to any person with a disability.
EBRC - Human Resources
For the attention of Ms Boucquey
19-23 rue Jean Fischbach
Tel.: 26 06-1