Information Security Officer (m/f/d)

at  PwC Luxembourg

WHO WE ARE

:
We are the largest professional services firm in Luxembourg, providing audit, tax and advisory services including management consulting, transaction, financing and regulatory advice to a wide variety of clients. To make it happen, we count on the expertise of over 3,700 people from more than 94 different countries, who strive every day to reach excellence and team up to solve important problems through innovative solutions. We value diverse and singular career paths, embrace everyone’s unique self and encourage our People to fuel their potential in a work environment that is inclusive, stimulating, and motivating.

BE A PART OF OUR TEAM WHERE YOU WILL:

• Analyze security audit reports (from pentests, red team exercises, security assessment tools, etc.), understand the vulnerabilities and establish action plans to remediate them. You will liaise with our IT specialists to find the most appropriate remediation and ensure the follow up of the action plans until they are completed;
• Participate to our vulnerability management and security hygiene activities;
• Assessing the security of our service providers (especially on the cloud) and identifying associated risks;
• Draft communications and responses addressed to clients seeking to assess our security measures;
• Provide assistance in collecting evidences, explanations, and follow up of recommendations in the context of the security audits to which we are subject to;
• Draw-up security procedures and policies;
• Participate in the life cycle of our Information Security Management System, which is ISO 27001-certified;
• Maintain an effective and constant communication with our various stakeholders (IT, internal and external clients, Risk & Quality teams and leaders, etc.);
• Act as a security consultant on joint projects, as well as with the global PwC network on international projects and initiatives.

Besides this, you will be lending your expertise and supporting the team in performing recurrent team activities daily, such as:

• Participating to the design and deployment of the security awareness program for employees;
• Intervene in the treatment of Information Security incidents;
• Performing security audits of our systems and applications and;
• Supporting the Service Desk at level 3 in handling tickets relating to security aspects.

Let’s talk about you. If you …

• Have a master’s degree in Computer Science or equivalent with a specialization in information security;
• Are proficient in English, French is an asset;
• Have excellent communication and writing skills;
• Have a team spirit;
• Have talent for negotiating with various stakeholders and have a good analytical thinking to help finding the most appropriate solutions;
• Are meticulous, methodical and proactive;
• Can handle pressure and manage priorities and time constraints;
• Have a certification in information security (CISM, CISA, CISSP, CRISC, ISO 27001, Lead Auditor/Implementer, etc.), it would of course be an asset;

Furthermore, you have a good knowledge of the following:

• Windows environments (OS, Active Directory, SharePoint);
• Security in web and cloud environments (Azure, AWS);
• Vulnerability Management;
• Risk-analysis methods.
• A good understanding of ISO 27001 and other security standards will be an asset.

A FINAL WORD ABOUT US:

At PwC, we believe diversity is the representation of all the characteristics that make us both alike and unique. Our backgrounds, cultures, nationalities, lifestyles, identities, opinions and beliefs, approaches to solving problems, ways of working, and views of personal and professional success, all add value to the services we deliver to our clients. Our objective is to nurture an inclusive environment where a diverse mindset is ingrained, and inclusion is the norm. We constantly focus on respecting and valuing individual differences.

Please refer the Job description for details