Cybersecurity & IT Risk Advisor (H/F)
Published on 03/12/2025
Harry Hope.
- 1740 Luxembourg
- IT Infrastructure / System / Network
- Between 70k and 90k € / year
Working time
Type of contract
Spoken languages
Professional experience
Educational level
Harry Hope, cabinet de recrutement accompagne candidats et entreprises dans leurs recherches des meilleures opportunités en France et à l'international. Afin de mieux répondre à vos enjeux, tous nos consultants sont spécialisés par secteur d'activité et zone géographique.
POSTE
One of our client is seeking a Cybersecurity & IT Risk Advisor with experience in the financial sector to support governance, oversight, and control activities related to ICT risks. The role focuses on ensuring compliance with European regulations (DORA, CSSF circulars) and international security standards (ISO 27001, NIST, CIS, ITIL).
The professional will operate within the Second Line of Defense, collaborating with IT Risk, IT Security, and senior management, ensuring independence, analytical rigor, and a strong methodological approach.
Key Responsibilities
- Conduct ICT risk assessments, compliance reviews, and gap assessments against regulatory and industry standards (DORA, GDPR, ISO, NIST).
- Define, evaluate, and continuously monitor ICT controls, KPI/KRI, risk thresholds, and security indicators.
- Support ICT incident classification, reporting processes, and non-compliance management.
- Contribute to the review and enhancement of IT Security policies, procedures, and governance documentation.
- Support ICT third-party management activities, including vendor oversight and regulatory compliance for IT outsourcing.
- Assist in preparing reports and dashboards for senior management, audit functions, and control bodies.
- Promote security best practices, awareness initiatives, and consistent operational standards.
PROFIL
Required Skills
- Experience in IT Risk Management, Cybersecurity Governance, IT Compliance, IT Audit, or Second Line of Defense roles.
- Strong knowledge of major regulatory frameworks and standards: DORA, EBA Guidelines, CSSF circulars, ISO 27001, NIST, ITIL, CIS.
- Strong analytical and problem-solving skills, with the ability to manage tasks independently.
- Excellent written and verbal communication skills, comfortable interacting with senior stakeholders.
Language Requirements
- Italian: mandatory
- English: mandatory
- French: considered a strong plus
Education & Certifications
- Master's degree.
- Relevant certifications (ISO/IEC 27001 Lead Implementer/Auditor, ITIL v4, Azure Fundamentals).
- Availability to work full-time on-site in Luxembourg.
POSTE
One of our client is seeking a Cybersecurity & IT Risk Advisor with experience in the financial sector to support governance, oversight, and control activities related to ICT risks. The role focuses on ensuring compliance with European regulations (DORA, CSSF circulars) and international security standards (ISO 27001, NIST, CIS, ITIL).
The professional will operate within the Second Line of Defense, collaborating with IT Risk, IT Security, and senior management, ensuring independence, analytical rigor, and a strong methodological approach.
Key Responsibilities
- Conduct ICT risk assessments, compliance reviews, and gap assessments against regulatory and industry standards (DORA, GDPR, ISO, NIST).
- Define, evaluate, and continuously monitor ICT controls, KPI/KRI, risk thresholds, and security indicators.
- Support ICT incident classification, reporting processes, and non-compliance management.
- Contribute to the review and enhancement of IT Security policies, procedures, and governance documentation.
- Support ICT third-party management activities, including vendor oversight and regulatory compliance for IT outsourcing.
- Assist in preparing reports and dashboards for senior management, audit functions, and control bodies.
- Promote security best practices, awareness initiatives, and consistent operational standards.
PROFIL
Required Skills
- Experience in IT Risk Management, Cybersecurity Governance, IT Compliance, IT Audit, or Second Line of Defense roles.
- Strong knowledge of major regulatory frameworks and standards: DORA, EBA Guidelines, CSSF circulars, ISO 27001, NIST, ITIL, CIS.
- Strong analytical and problem-solving skills, with the ability to manage tasks independently.
- Excellent written and verbal communication skills, comfortable interacting with senior stakeholders.
Language Requirements
- Italian: mandatory
- English: mandatory
- French: considered a strong plus
Education & Certifications
- Master's degree.
- Relevant certifications (ISO/IEC 27001 Lead Implementer/Auditor, ITIL v4, Azure Fundamentals).
- Availability to work full-time on-site in Luxembourg.
