Head IT Security (m/f)
Veröffentlicht am 24/04/2024
Luxair
- Luxembourg, Luxembourg (Canton)
For our department Information Security within LuxairGroup, we are looking for a (an):
Head IT Security (m/f)
Main duties:
- Work with the company executives to prioritize company security initiatives and spending based on appropriate risk management and/or financial methodology.
- Endorse all company information security related issues including the planning and development of information security strategy in support of the company's strategic plan
- Ensure that Information Technology complies with existing laws and regulations while assuring that the
company's IT environment is secure - Create and implement an information system risk management framework (risk based approach) in order
to ensure the appropriate application of controls based on risk. - Create, implement and test IT controls
- Develop information classification standards and procedures to appropriately manage information
- Participate to the risk assessment and related design for establishment of the disaster recovery and business continuity management plans
- Monitor the incident response planning (computer emergency response, computer incident response) in
coordination with IS&O as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary - Establish security awareness and training standards and oversees company-wide participation
Required profile:
Minimum required criteria:
- Be holder of master degree in IT (Bac +5) or equivalent
- Demonstrate strong knowledge of technologies and how it supports the day to day business, to including: Software Development Life Cycle (SDLC), Information Technology Operations, data Center Operations, vendors management, Information Technology auditing and compliance.
- Provide a proven track of practical experience designing and implementing enterprise information technology security environment: physical and/or software.
- Show strong leadership skills in managing cross functional teams of administrative and policy focused professionals, as well as technical security operations staff.
- Have excellent knowledge of standard project management practices
- Have excellent knowledge of standard office applications
- Show excellent communication skills in English as well as skills in French or German (spoken and written)
- Accept Duty Travel
Desired or to be acquired criteria:
- Demonstrate the ability to communicate at all levels, both inside and outside the company
- Must provide an effort in the undeveloped language as well as in Luxemburgish
- Show strong organizational and analytical skills
- Show ability for clear expression in writing
- Be capable of working independently as well as in a team
- Be driven to deliver quality results on time with a high degree of integrity and in a highly ethical and professional manner
- Maintain the strict confidentiality of the data
- Must be able to learn, understand, and apply new regulations
The ideal candidate:
- Have knowledge of Luxemburgish or any other language
- Be holder of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Cisco's certified network associate security certifications or Certified Information Systems Auditor (CISA)
- Have knowledge of the following compliance frameworks (each of them is exclusive): PCI-DSS, COBIT, ISO 2700X or HIPAA
- Be holder of project management certification such as PRINCE 2 or PMBOK