TIBER/TLPT and cybersecurity officer (m/f)


Within the “TIBER-LU” unit of the “Supervision of Information Systems and Support PFS” service, you will be a member of the “TIBER/TLPT Cyber Team” (TCT). The role of the TCT is to manage, operationalise and monitor the TIBER-LU/DORA TLPT framework implementation and each of the tests carried out in this context.

In addition, you will also be a member of the “Off-site Supervision of Information Systems” division. You will be particularly involved in cybersecurity analysis and policy work and contribute to the other missions carried out by this division.

Role & responsibilities

  • Manage, operationalise and monitor the TIBER-LU/DORA TLPT programme and each of the TIBER-LU / DORA TLPT tests carried out in the programme
  • Ensure uniform, high-quality tests containing all the mandatory elements defined in the TIBER-LU / DORA TLPT framework
  • Continuously update the testing implementation guide in light of lessons learnt from its implementation and the tests carried out
  • Review and update testing framework, where appropriate, in light of relevant regulatory developments
  • Attend national and international meetings related to testing frameworks.
  • Perform cybersecurity analysis and policy work (notably related to DORA), as part of the missions carried out by the Off-site Supervision of Information Systems division.
  • Contribute to other day-to-day activities of the Off-site Supervision division as needed, notably the ones requiring a technical expertise, and in relation to DORA

Your profile

  • University degree (minimum Bac +3) in information systems audit or computer sciences or IT security. Certifications related to the required technical skills are an asset
  • Proven professional experience of at least 3 years in either the field of penetration testing, information systems auditing or in IT risk management, with a particular focus on (cyber)security
  • Excellent knowledge of the regulatory framework, in particular laws, regulations and CSSF circulars relating to IT
  • Knowledge of European regulation in this area (i.e. DORA, PSD2, eIDAS, NIS, etc.) and interest in new technologies and digital solutions (cloud computing, DLT, AI, virtual currencies/crypto assets, open banking/finance, security, etc.) constitute an advantage
  • Perfect command of written and spoken English. Fluency in French and/or German. Knowledge of Luxembourgish will be considered as an advantage
  • Knowledge of the TIBER-EU/DORA TLPT framework is an asset
  • CISA, CISM, CISSP, OSCP or equivalent certifications are an asset
  • Writing, analytical, synthesis and communication skills
  • Proactivity and flexibility; ability to work independently as well as good team spirit
  • Project management skills
  • Confidentiality

The successful candidate (m/f) will be hired as public employee (“employé de l’Etat”) under a permanent contract. If the candidate meets the required conditions, s/he will be asked to apply for admission to the status of civil servant (“fonctionnaire de l’Etat”).

Prior to the conclusion of the contract, the candidate must submit an extract from the criminal record (bulletin n°3), dated less than 2 months, in order to prove their conduct and integrity.

Apply now

* Required fields