Head Information Technology Security (m/f)
The Recruiter
- Luxembourg
- Permanent
- Full-time
- Collaborate with executive leadership to prioritise security initiatives and allocate budget based on risk management principles and financial considerations.
- Advocate for all aspects of information security, driving the planning and development of the security strategy in alignment with the company’s strategic objectives.
- Ensure Information Technology adherence to legal and regulatory requirements, maintaining a secure IT environment.
- Oversee enhancement of the information security governance framework, including the refinement of policies, procedures, standards, and defining roles and responsibilities.
- Lead risk assessments for business processes, IT systems, and third-party engagements, driving the remediation of identified risks utilizing best practices.
- Develop, implement, and validate IT security controls and measures.
- Work closely with the Head of IT Infrastructure and Head of Business Applications teams to align the technical requirements.
- Collaborate for Security: work hand-in-hand with the Security Operations Center to fortify the digital landscape against emerging threats.
- Promote security awareness and training, ensuring comprehensive participation across the company.
- A Bachelor's or Master's degree in Management Information Technology, or an equally compelling story of experience and expertise.
- Brings at least 8 years of relevant experience in information security or cybersecurity.
- Demonstrated leadership capabilities in guiding diverse teams, including policy and operational security staff.
- In-depth knowledge of the NIST Cybersecurity Framework (CSF); ISO 2700X certification is advantageous.
- Expertise in risk management concepts and practices.
- Proficiency in learning and applying new cybersecurity regulations.
- Solid understanding of project management principles.
- Exceptional communication skills in English (bonus points for French on top) and capable of engaging with colleagues and stakeholders at all levels.
- Strong influencing skills.
- Familiarity with cybersecurity risk-related regulations (e.g., NIS2, PART-IS); GDPR knowledge is beneficial.
- Technical understanding of key IT infrastructure components and enterprise systems.
- Insight into advanced security principles such as Zero Trust, IAM, MFA, and Secure by Design.
- Demonstrates exceptional communication skills across all organizational levels.
- Exhibits strong organizational and analytical capabilities.
- Holds certifications such as CISSP, CISM, CCNA Security, or CISA.
- Works effectively independently and as part of a team.