Security Chapter Lead - Head of Security Office - C.

About Proximus NXT

Proximus NXT Luxembourg supports all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored managed services. With our partners and customers, we co-create opportunities and enable growth in a secure and sustainable manner. As a result of our unique expertise in next-gen IT services, mobile and advanced connectivity, we help our customers achieve their ambitions and realize their vision.

Together with them and our partners we implement sovereign and trusted solutions that make people work smarter.– www.proximusnxt.lu

Your mission :

Overview: As the Security Chapter Lead and Head of Security Office, you will be responsible for providing leadership and direction to our security team within the consortium matrixial organization. 
Your primary focus will be on ensuring the security and integrity of our IT infrastructure, systems, and data. You will lead the Security Office, driving the development, standardization and implementation of security policies, practices, and controls aligned with industry standards and regulatory requirements. Collaborating closely with cross-functional teams across squads, you will integrate security into all aspects of our operations and development lifecycle.

Key Responsibilities:
1. Security Strategy and Governance:

• Develop and maintain the security strategy and roadmap for the consortium organization, in alignment with business objectives, regulatory requirements, and industry best practices.
• Organize the Security Office team to ensure smooth delivery and process-based relationship with technical squads. Project Management skills are mandatory, with the use ticketing and planning systems.
• Establish and enforce security policies, standards, and procedures across squads and chapters, ensuring compliance with relevant laws, regulations, and contractual obligations.
• Provide strategic guidance and recommendations to senior leadership and the Security Office on the organization's security posture and risk management.

2. Security Architecture and Engineering:

• Define and maintain the security architecture and design principles for IT systems, applications, and infrastructure, incorporating security-by-design principles into 
• development processes.
• Collaborate with architecture and engineering teams to evaluate, select, and implement security technologies, tools, and solutions to mitigate risks and enhance security posture.
• Conduct security architecture reviews, assessments, and audits of systems and applications, identifying vulnerabilities and recommending remediation measures.

3. Security Awareness and Training:

• Develop and deliver security awareness and training programs for employees, contractors, and stakeholders, promoting a culture of security awareness and compliance.
• Provide guidance and support to squads and chapters on security best practices, secure coding principles, and threat mitigation techniques
•  Monitor and measure the effectiveness of security awareness and training initiatives, adjusting strategies as needed to address evolving threats and risks.

4. Security Compliance and Assurance:

• Collaborate with internal audit, compliance, and legal teams to ensure adherence to security requirements and contractual obligations.
• Maintain security documentation, evidence, and artifacts to demonstrate compliance with security standards and regulations.

5. Security Operations and Incident Response:

• Oversee security operations, including monitoring, detection, and response to security incidents and breaches across the organization.
• Lead the Security Incident Response Team (SIRT), coordinating efforts to investigate and mitigate security incidents in a timely and effective manner.
• Develop and maintain incident response plans, playbooks, and procedures, conducting regular tabletop exercises and simulations to test and improve response capabilities.

Your profile :

• Bachelor's degree in Information Security, Computer Science, or a related field; advanced degree or relevant certifications (e.g., CISSP, CISM, CISA) are a plus.
• Proven experience (min 5 years) in information security, with a focus on security strategy, governance, operations, and compliance.
• Strong understanding of security frameworks, standards, and best practices (e.g., NIST Cybersecurity Framework, CIS Controls, OWASP Top 10).
• Experience in leading and managing cross-functional security teams in a dynamic and fastpaced environment.
• Excellent communication, leadership, and stakeholder management skills, with the ability to influence and collaborate effectively at all levels of the organization.
• Strong analytical, problem-solving, and decision-making skills, with a strategic mindset and attention to detail.

Requirements:

• EU citizenship.
• Fluency in English (written and spoken) is required; proficiency in any other European language is a plus

Our offer :

A professional and stimulating work environment in the IT & telecom sector. Multiple career opportunities within the Proximus Group at national and international level, cutting-edge training in new technologies, a wealth of recognized expertise. We also offer an attractive salary package and many other benefits.

Our company is an equal opportunity employer, valuing diversity in all its forms. We firmly believe that each individual brings a unique richness to our teams, and we are committed to creating an inclusive environment where every voice counts.

If at the end of the process your application is successful, you will be asked to provide an extract from your criminal record. Your personal information will be handled in compliance with applicable data protection laws.