Chief Information Security Officer (CISO)
About the Role:
As a Chief Information Security Officer (CISO), you will spearhead the development and
implementation of a robust information security strategy, ensuring the highest standards of data
protection, regulatory compliance, and risk management. Reporting directly to the Managing Partner
and serving as a core member of the Management Committee, you will play a critical role in shaping
the organization's security posture and maintaining its ISO 27001 certification.
This is an excellent opportunity for a cybersecurity leader to join the organization and contribute to its mission of
delivering world-class security solutions.
Key Responsibilities:
Strategic Leadership:
• Develop and maintain a comprehensive information security strategy aligned with ISO 27001.
• Drive a culture of security awareness and lead training initiatives organization-wide.
• Collaborate with executive leaders to integrate cybersecurity into business goals.
Compliance and Risk Management:
• Oversee the Information Security Management System (ISMS), ensuring ISO 27001 and PCI-DSS compliance.
• Conduct risk assessments and implement remediation plans.
• Coordinate and manage audits (internal and external).
Security Operations:
• Work with teams to monitor, identify, and respond to cybersecurity threats.
• Implement technical controls and ensure alignment with ISO 27001 requirements.
• Lead incident response planning, including simulations and post-incident evaluations.
Governance and Reporting:
• Develop and maintain security KPIs, presenting regular reports to executive management.
• Maintain relationships with auditors and regulatory bodies.
Resilience:
• Ensure robust disaster recovery and business continuity plans are in place and tested.
• Lead resilience tests, including crisis management simulations.
Requirements:
• In-depth knowledge of the ISO 27001 standard, the PCI-DSS framework, and other security
frameworks (e.g. NIST, CIS).
• Strong technical expertise in IT security practices, including IAM, vulnerability management,
and network security.
• Leadership and communication skills to guide cross-functional teams and influence
stakeholders.
• Proven track record in managing security risks and maintaining compliance.
Regulatory Knowledge:
• Familiarity with CSSF regulations in Luxembourg, GDPR, DORA, and NIS2 frameworks.
Languages:
• English: Fluent (C1 level required).
• French: Fluent (C1 level required).
You can now send your application, which will be treated confidentially, by or by phone at