Security specialist M/F
Published on 13/02/2026
Hays Luxembourg
- Luxembourg (Canton), Luxembourg
- IT Consulting
Be at the center of a security strategy department within a private Bank
We are looking for a Security Specialist for one of our clients based in Luxembourg.
- Freelance contract or permanent contract via a payrolling company
- Full-time job
- Languages: fluent English, B1/B2 German (strong advantage)
Main responsibilities:
- You will contribute directly to the bank's security strategy, collaborating with key stakeholders and gaining strong visibility.
- You will support data governance topics, expanding your expertise in how critical information is managed and protected.
- You will help develop the organisation's security culture by shaping awareness initiatives and training activities.
- You will monitor security, placing you at the frontline of threat detection and internal risk prevention.
- You will conduct regular and ad‑hoc risk assessments, strengthening your understanding of regulations and internal controls.
- You will assess the effectiveness of 1st Line of Defense controls and influence continuous improvement efforts.
- You will support ICT risk management in projects, allowing you to impact strategic decisions early in the lifecycle.
- You will contribute to identifying and mitigating cyber risks, advising risk owners and sharpening your analytical skills.
- You will maintain risk registers and take part in shaping the annual security roadmap.
- You will perform due‑diligence checks on third‑party providers, developing valuable third‑party risk expertise.
- You will support investigations and incident response, gaining hands‑on experience in forensic and crisis handling.
- You will collaborate with audit teams and risk champions, building a strong cross‑departmental network.
- You will prepare executive‑level reports, enhancing your strategic communication visibility.
- You will help define and track key risk indicators, ensuring continuous visibility on the organization's risk posture.
- You will perform due‑diligence checks on third‑party providers to ensure compliance with the bank's information security requirements.
- You will support periodic reassessments of external partners, validating that they continue to meet the bank's security standards.
- You will contribute to identifying third‑party‑related risks early and support the definition of appropriate mitigation measures.
- You will manage the overall mitigation action to resolve identified gaps with the control framework.
- You are educated to at least a bachelor's level in information security, computer science, business informatics, or an equivalent field.
- You are an experienced professional with several years of hands‑on exposure to cybersecurity, ideally in the financial sector.
- You are familiar with industry frameworks (ISO 27001 / NIST), and you understand relevant regulatory requirements.
- You are comfortable working autonomously, managing priorities, and driving initiatives in a complex organisation.
- You are capable of translating technical risks into clear, meaningful messages for both technical and business audiences.
- You are solution‑driven, rigorous, reliable, and committed to ethical practices.
- You are able to work under pressure and adapt to changing priorities without compromising quality.
- You are fluent in English, and any additional language skills (German or French) are a strong advantage.
- You are proficient with common office tools and have experience using GRC and risk‑management platforms.