Line of Service

Internal Firm Services

Industry/Sector

Not Applicable

Specialism

IFS - Information Technology (IT)

Management Level

Senior Associate

Job Description & Summary

PwC Luxembourg is hiring an IT Security Officer (m/f/d). What if it was you? 

  

Your mission: We’re looking for an IT Security Officer to strengthen our cybersecurity posture and help protect our organization’s systems, data, and people. In this role, you’ll be part of a dedicated security team responsible for assessing products, enforcing security controls, supporting IT teams, and ensuring compliance with security standards. If you enjoy solving security challenges and want to make a real impact, this role will suit you well. 

 

Be a part of our team where you will:  

  

Methodology & guidelines 

Enforce security policies, standards, and procedures across IT systems and services;

Conduct regular security checks and configuration assessments;

Track vulnerabilities and follow up with technical teams to ensure timely remediation;

Provide security guidance during system changes, deployments, and upgrades;

Coordinate and support audits and compliance activities (NIS, ISO 27001, …);

Support IT projects end‑to‑end, from early security assessment to CAB validation for production release;

Maintain and communicate policies, procedures, guidance, standards and instructional materials to IT teams based on NIS information.;

Review and analyze design documentation to ensure appropriate security controls are in place;

Maintain accurate records of security controls, exceptions, and risk acceptance decisions;

Coordinate and oversee penetration testing activities.

     Security Assessments 

Conduct security assessments on products and any software developed. Identify risks and define remediation actions.;

Evaluate the security of solution architecture to validate the use of the solution within our IT landscape;

Acts as the main point of contact for all security assessments and remediation advice. 

 

Let’s talk about you. If you are/have 

Bring at least 3 years of experience in a related field;Hold a Bachelor’s degree;Are familiar with industry best practices, standards and frameworks such as ISO 27001, NIST, OWASP and the MITRE ATT&CK Framework;Communicate clearly and effectively, both verbally and in writing, and can explain complex technical concepts to non‑technical audiences;Possess strong technical knowledge in cybersecurity, including application security, security assessments and security controls;Feel comfortable educating and training non‑technical colleagues on security best practices and protective measures;Approach cybersecurity holistically, considering both human and technological aspects, and understand the role of user behaviour in maintaining security;Have experience in vulnerability management, including identification and follow‑up;Are fluent in English and French;

…you are the candidate we are looking for!

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure {+ 11 more}

Desired Languages (If blank, desired languages not specified)

Travel Requirements

Not Specified

Available for Work Visa Sponsorship?

Yes

Government Clearance Required?

No

Job Posting End Date