Information Security Engineer

Mamer , Capellen, Luxembourg

Type: n/a

Category: IT & Internet & Media

Requirements: English
Company: TMC Luxembourg
Region: Mamer , Capellen

Key Responsibilities:

1. Audit & Compliance Management: Assist in the preparation, coordination, and response for internal and external security audits, ensuring adherence to industry regulations and standards.
2. Remediation & Risk Mitigation: Track audit findings, define corrective action plans, and oversee their implementation to address security gaps.
3. Performance Monitoring & Reporting: Measure and report key security metrics (KPIs, SLAs) related to cybersecurity services and ensure transparency with key stakeholders.
4. Information Security Management System (ISMS): Support the development, maintenance, and continuous improvement of ISMS frameworks in alignment with best practices.
5. Risk Governance & Policy Development: Assist in defining and maintaining risk management policies and procedures, ensuring security risks are properly assessed and mitigated.
6. Risk Assessments: Conduct security risk assessments to identify vulnerabilities and provide recommendations to strengthen security controls.
7. Third-Party Security Oversight: Support vendor security assessments, ensuring external partners and suppliers comply with established security policies.

Required Skills & Qualifications:

• Experience: Minimum 5 years of experience in Information Security Risk, Governance, and Compliance.
• Security Frameworks & Standards: Strong understanding of ISO 27001/27002, NIST CSF, CIS Controls, and other security regulatory frameworks.
• Certifications: Relevant certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor are highly desirable.
• GRC Platforms: Experience working with Governance, Risk & Compliance (GRC) tools for security audits and risk reporting.
• Analytical & Risk Management Skills: Ability to assess security risks, define mitigation strategies, and align policies with industry best practices.
• Communication & Documentation: Strong written and verbal communication skills to document security processes, engage stakeholders, and present compliance reports.

Click here to apply and get more details about this job! It will open in a new tab.