Talent.com
Diese Stelle ist in deinem Land nicht verfügbar.
Information Security Engineer

Information Security Engineer

TMC LuxembourgBiesdorf, DE
Vor 8 Tagen
Stellenbeschreibung

Key Responsibilities :

  • Audit & Compliance Management : Assist in the preparation, coordination, and response for internal and external security audits , ensuring adherence to industry regulations and standards.
  • Remediation & Risk Mitigation : Track audit findings, define corrective action plans , and oversee their implementation to address security gaps.
  • Performance Monitoring & Reporting : Measure and report key security metrics (KPIs, SLAs) related to cybersecurity services and ensure transparency with key stakeholders.
  • Information Security Management System (ISMS) : Support the development, maintenance, and continuous improvement of ISMS frameworks in alignment with best practices.
  • Risk Governance & Policy Development : Assist in defining and maintaining risk management policies and procedures , ensuring security risks are properly assessed and mitigated.
  • Risk Assessments : Conduct security risk assessments to identify vulnerabilities and provide recommendations to strengthen security controls.
  • Third-Party Security Oversight : Support vendor security assessments , ensuring external partners and suppliers comply with established security policies.

Required Skills & Qualifications :

  • Experience : Minimum 5 years of experience in Information Security Risk, Governance, and Compliance .
  • Security Frameworks & Standards : Strong understanding of ISO 27001 / 27002, NIST CSF, CIS Controls , and other security regulatory frameworks.
  • Certifications : Relevant certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer / Auditor are highly desirable.
  • GRC Platforms : Experience working with Governance, Risk & Compliance (GRC) tools for security audits and risk reporting.
  • Analytical & Risk Management Skills : Ability to assess security risks, define mitigation strategies , and align policies with industry best practices.
  • Communication & Documentation : Strong written and verbal communication skills to document security processes, engage stakeholders , and present compliance reports.