LuxTrust is looking for its next Junior IT Security Officer. Here are the details of the position:
Contribute to improve IT security controls effectiveness, increase ISMS process maturity and keep IT risks exposure under accepted level by assisting the Chief Information Security Officer in its missions
- Lead Security Operation activities such as vulnerability management; threats monitoring; threat prevention (phishing tentative, SIEM alerts) and log review. Improve threat detection capabilities by reviewing SIEM use cases on a regular basis in closed collaboration with our SOC services.
- Provide Information Security advisory to both IT and Business units by assisting Legal, compliance and CSD teams in due diligence exercises, new process flow or use cases and any security questions. Lead supplier due diligence assessment for the security aspects.
- Identity and access management: review on a regular basis access rights for physical and logical access.
- Maintain and improve ISMS documentation based on knowledge of best practices, regulatory requirements and specific needs of LuxTrust. Lead procedures development and maintain it on annual basis. Participate to the Policy/Standards document review.
- Directs an ongoing, proactive risk assessment program for all new and existing systems in our corporate environment and ensure that effective controls to manage these risks are in place against the company’s goals and business processes.
- Assist the IT team in performing risk assessment related to technology implementation:
- Perform research and coordination with Engineering to drive security
- Perform research and recommendation of appropriate security protection products and services, such as log management, security event management, and intrusion detection
- Lead penetration-testing campaign on corporate environment. Define pen-testing scope, prepare and coordinate pen-testers activities, review pen-testing results with IT department and lead recommendations action plan.
- Participate in Audit ISO27001.
- Contribute to security awareness annual program.
- Implements security improvements by assessing current situation; evaluating trends; anticipating requirements; evaluation security incidents.
- Bac +5 or equivalent experience
- Knowledge in Information technology / Information Security / System engineer with security mindset (3 to 5 years of experience)
- Skills and knowledge of IT, networks and Information security business
- PKI knowledge is an asset
- Strong analytical skills to analyse information security requirements and relate them to appropriate controls
- Organized, responsive, accountable and highly thorough of problem solving oriented and solution driven
- Experience in developing, documenting and maintaining policies, processes, procedures and standards
- Prior security audit experience would be an asset
- Knowledge of and experience in understanding documentation and regulatory compliance requirements
- Ability to synthesize
- Proactive attitude
- Good team player and positive attitude in a challenging environment
- Strong communication and writing skills
- Foster team work and collaboration
- Fluency in French and English, both oral and written
Permanent contract based in Capellen – Luxembourg. In addition to a competitive salary, in accordance with your education and experience, we offer other benefits including an employee benefit plan.
Interested candidates are invited to send their application along with a CV by e-mail to: firstname.lastname@example.org.
3 to 5 years