Information Security Officer (m / f / x)

For our department IT Security   within General Services , we are looking for a (an) :

Information Security Officer (m / f / x)

Description :

As Information Security Officer you will actively

contribute to maintaining and strengthening Luxair group's information security

posture.

Driven

by a strong interest in cybersecurity, you will actively support the Head of IT

Security in coordinating and implementing risk-based security measures,

ensuring that policies, controls, and processes effectively protect the Group’s

information assets and support all related activities of the IT department.

Responsibilities :

Ensure effective security monitoring and

incident response through analysis of security logs using the existing SIEM,

working with the Managed SOC to validate alerts, minimize false positives,

detect threats, and develop incident response playbooks for coordinated,

timely actions

Support the overall identity and access

control management process, including Identity and Access Management

(IAM), Privileged Access Management (PAM), and Identity Governance and

Administration (IGA), ensuring proper user lifecycle management, access

provisioning, privileged account protection. While promoting secure access

practices across the organization

Conduct risk and security assessments for

internal and third-party solutions in line with established standards

Contribute to the design, execution, and

follow-up of vulnerability assessments, and penetration testing, ensuring

timely remediation of identified weaknesses

Contribute to the creation and maintain

up-to-date baselines, secure configuration and system hardening activities

with internal technical teams

Develop and maintain information security

policies, standards, and procedures, ensuring compliance with frameworks

such as PCI-DSS, and supporting related audits and assessments

Contribute

to the information security awareness program

Education & skills

Bachelor’s in computer science / information

security or equivalent combination of education and experience that

satisfy the requirements of the position

Previous relevant experience in Information

Security

Have knowledge of enterprise security

concepts : Zero Trust, Least Privileges, IAM, PAM, IGA, MFA, SSO, Secure by

Design, Defense in Depth, SSDLC, Cryptography, etc.

Hands on experience operating security solutions

(e.g. vulnerability scanners, EDR, …)

Hands on experience operating an Identity Governance and

Administration (IGA)

and Privileged access management (PAM) solution

Good analytical skills with the ability to

clearly explain and summarize ideas

Excellent verbal, written and interpersonal communication skills in

English

Desired or to be acquired criteria

Knowledge of industry best practices,

standards, frameworks and regulations (NIST CSF, ISO27001, ISO27005, GDPR,

NIS2, PCI-DSS…)

Hands on experience in IT infrastructure

(e.g., Network, Unix, VMWare, Backups, Windows, …)

Ability to collaborate with both technical and

non-technical staff

Strong passion and interest in information

security

• Organized, proactive and customer-oriented

Strong critical thinking and problem-solving

skills

Self-motivated individual and able to work

methodically with minimal supervision

Positive can-do attitude with a mature and

professional approach

The ideal candidate  :

Knowledge of Luxemburgish

or any other language is considered as asset