Information Security GRC expert (m/f)
Luxembourg (Ville de Luxembourg) IT development
Job description
Upon joining the team you will be in charge of the following responsibilities :
Compliance and Risk Management Leadership
· Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk;
· Coordinate the treatment of non-conformity with, and exceptions to, the Information Security Policy, norms and laws (ISO27001, GDPR);
· Address technical policy, compliance and regulatory issues;
· Provide efficient contract reviews;
· Contribute to the Firm's RFP submission processes in the Security related sections of those processes;
· Stay abreast of regulatory and norm changes affecting KPMG Business and information Security (in particular ISO27000 series and GDPR);
Governance and Project Leadership
· Develop a risk decision framework to help understand critical areas;
· Work with Information Security Officer, NITSO and QRMP to build cohesive security and compliance programs;
Risk Management
· Establish Risk Management Framework Processes and Tools;
· Coordinate and perform the assessment and analysis of information security risks and monitors compliance with security standards and appropriate policies;
We are looking for a candidate with the following qualifications and skills:
· Master level or equivalent in IT - specialty in Information Security;
· At least 6 years of experience with information security concepts and practices with at least 2 years in a Compliance and/or Information Security Risk Management;
· Experience implementing ISMS frameworks in relation to ISO 27001;
· Experience with Information Security Risk Management Framework (ISO27005) and Tools;
· Knowledge of IT Domain (Infrastructure, software development and Data protection);
· ISO27001 Lead Implementer, ISO27005 Risk manager certification;
· Project management skills;
· CISSP, CISM or similar certifications could be an important asset
· Fluency in English is required; Knowledge of French or German would be an asset. Interested in learning more about this challenge? We are looking forward to hearing from you!