Be at the center of a security strategy department within a private bank
We are looking for a Security Specialist for one of our clients based in Luxembourg.
* Freelance contract or permanent contract via a payrolling company
* Full-time job
* Languages: fluent English, B1/B2 German (strong advantage)
Main responsibilities:
Information Security Support :
* You will contribute directly to the bank's security strategy, collaborating with key stakeholders and gaining strong visibility.
* You will support data governance topics, expanding your expertise in how critical information is managed and protected.
Define and Train :
* You will help develop the organisation's security culture by shaping awareness initiatives and training activities.
Control and Assess :
* You will monitor security, placing you at the frontline of threat detection and internal risk prevention.
* You will conduct regular and ad‑hoc risk assessments, strengthening your understanding of regulations and internal controls.
* You will assess the effectiveness of 1st Line of Defense controls and influence continuous improvement efforts.
* You will support ICT risk management in projects, allowing you to impact strategic decisions early in the lifecycle.
Risk Management :
* You will contribute to identifying and mitigating cyber risks, advising risk owners and sharpening your analytical skills.
* You will maintain risk registers and take part in shaping the annual security roadmap.
* You will perform due‑diligence checks on third‑party providers, developing valuable third‑party risk expertise.
* You will support investigations and incident response, gaining hands‑on experience in forensic and crisis handling.
* You will collaborate with audit teams and risk champions, building a strong cross‑departmental network.
Compliance :
* You will prepare executive‑level reports, enhancing your strategic communication visibility.
Report and Monitor :
* You will help define and track key risk indicators, ensuring continuous visibility on the organization's risk posture.
Third‑Party Risk Management :
* You will perform due‑diligence checks on third‑party providers to ensure compliance with the bank's information security requirements.
* You will support periodic reassessments of external partners, validating that they continue to meet the bank's security standards.
* You will contribute to identifying third‑party‑related risks early and support the definition of appropriate mitigation measures.
Response and Mitigate :
* You will manage the overall mitigation action to resolve identified gaps with the control framework.
Your profile :
* You are educated to at least a bachelor's level in information security, computer science, business informatics, or an equivalent field.
* You are an experienced professional with several years of hands‑on exposure to cybersecurity, ideally in the financial sector.
* You are familiar with industry frameworks (ISO 27001 / NIST), and you understand relevant regulatory requirements.
* You are comfortable working autonomously, managing priorities, and driving initiatives in a complex organisation.
* You are capable of translating technical risks into clear, meaningful messages for both technical and business audiences.
* You are solution‑driven, rigorous, reliable, and committed to ethical practices.
* You are able to work under pressure and adapt to changing priorities without compromising quality.
* You are fluent in English, and any additional language skills (German or French) are a strong advantage.
* You are proficient with common office tools and have experience using GRC and risk‑management platforms.