Chief Information Security Officer (CISO) - Luxembourg
Luxembourg, Luxembourg, Luxembourg
Brixio
Brixio empowers IT companies, IT teams, and web agencies to scale smartly and securely with our global IT expertise. Our flexible, high-quality offshore services prioritize cybersecurity and compliance, ensuring peace of mind as you grow your...

As a Chief Information Security Officer (CISO), you will spearhead the development and implementation of a robust information security strategy, ensuring the highest standards of data protection, regulatory compliance, and risk management. Reporting directly to the Managing Partner and serving as a core member of the Management Committee, you will play a critical role in shaping the organization's security posture and maintaining its ISO 27001 certification.

This is an excellent opportunity for a cybersecurity leader to join the company and contribute to its mission of delivering world-class security solutions.
Key Responsibilities
Strategic Leadership:
- Develop and maintain a comprehensive information security strategy aligned with ISO 27001.
- Drive a culture of security awareness and lead training initiatives organization-wide.
- Collaborate with executive leaders to integrate cybersecurity into business goals.
Compliance and Risk Management:
- Oversee the Information Security Management System (ISMS), ensuring ISO 27001 and PCI-DSS compliance.
- Conduct risk assessments and implement remediation plans.
- Coordinate and manage audits (internal and external).
Security Operations:
- Work with teams to monitor, identify, and respond to cybersecurity threats.
- Implement technical controls and ensure alignment with ISO 27001 requirements.
- Lead incident response planning, including simulations and post-incident evaluations.
Governance and Reporting:
- Develop and maintain security KPIs, presenting regular reports to executive management.
- Maintain relationships with auditors and regulatory bodies.
Resilience:
- Ensure robust disaster recovery and business continuity plans are in place and tested.
- Lead resilience tests, including crisis management simulations.
Requirements
- In-depth knowledge of ISO 27001 standards, PCI-DSS framework, and other security frameworks (e.g., NIST, CIS).
- Strong technical expertise in IT security practices, including IAM, vulnerability management, and network security.
- Leadership and communication skills to guide cross-functional teams and influence stakeholders.
- Proven track record in managing security risks and maintaining compliance.
Regulatory Knowledge:
- Familiarity with CSSF regulations in Luxembourg, GDPR, DORA, and NIS2 frameworks.
Languages:
- English: Fluent (C1 level required).
- French: Fluent (C1 level required).
Tags: Audits CISO Compliance GDPR Governance IAM Incident response ISMS ISO 27001 KPIs Network security NIS2 NIST Risk assessment Risk management Security strategy Strategy Vulnerability management