IT Risk Analyst (m/f)
Role & responsibilities
- Management of the IT risk map
- Evaluate compliance with policies, standards and regulations by conducting risk assessments, controls and drafting action plans
- Review, design and deployment of IT risk management systems
- Draft, update and management of internal IT procedures/policies
- University degree (BAC + 4 / BAC + 5) with a specialization in information and security systems management and/or compliance and IT risk management
- Minimum of 3 years' experience in an IT services company, at a network/security integrator or risk management consultancy in one or more of the following areas: IT compliance, IT risk management and cybersecurity
- General knowledge of post-exploitation techniques on Microsoft environments and web applications (OWASP Top 10)
- General knowledge of cyberattacks: pentest methods, MITRE ATT&CK framework, ElasticSearch monitoring solutions
- Knowledge and experience of regulatory frameworks and compliance standards such as COBIT, ISO27K, etc.
- Experience of working and collaborating effectively with the Risk Management function
- Good writing, analytical and summarizing skills especially regarding IT process documentation
- Fluency in French and English is mandatory. Fluency in Luxembourgish and German is an asset
- Knowledge of the financial sector will be considered an additional asset
The successful candidate (m/f) will be hired as public employee (“employé de l’Etat”) under a permanent contract. If the candidate meets the required conditions, s/he will be asked to apply for admission to the status of civil servant (“fonctionnaire de l’Etat”).
Prior to the conclusion of the contract, the candidate must submit an extract from the criminal record (bulletin n°3), dated less than 2 months, in order to prove their conduct and integrity.
* Required fields