19 Mar 2020

Full-Time Senior Information Security Officer (m/f)

PwC Luxembourg – Posted by Florian PlacidoAnywhere

NOTE: This job listing has expired and may no longer be relevant!


Job Description

A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.
The Information Security team is in charge of information security governance and works closely with our IT department, where more than 160 IT specialists are involved in varied and innovative internal projects.

As a Senior Information Security Officer (m/f), you will be the point of contact for the Security team, supporting the CISO. Your job will involve:

- drawing up and playing a role in action plans ensuring that information security policies and limitations are adhered to;
- assessing the security of our service providers (especially on the cloud) and identifying associated risks;
- drafting communications and responses addressed to clients seeking to assess our security measures;
- preparing and coordinating the security audits to which we are subject, and following their subsequent recommendations;
- drawing up security procedures and policies;
- participating in the life cycle of our ISMS, which is ISO 27001-certified;
- ensuring that there is effective and constant communication with our various contacts (IT staff, the Security Operations team, internal clients, the Risk & Compliance team, lawyers, etc.);
- working with our expert security consultants on joint projects, as well as with the global PwC network on major international projects; and
- managing information security projects, from drawing up their specifications to rolling them out.

Besides this, you will be lending your expertise in performing recurrent team activities on a daily basis, such as:

- performing and following up risk analyses for IT projects;
- setting up and leading security awareness sessions for employees;
- managing security incidents;
- reviewing access rights;
- performing security audits of our systems and applications;
- reviewing the quality and consistency of the documents drawn up by the team before they are published; and
- supporting the Service Desk at level 3 in handling tickets relating to security aspects.


- You have a master’s degree or diploma in IT, with a strong specialisation in information security;
- You have at least 5 years’ experience in information security, with an in-depth knowledge of IT techniques;
- You hold certifications in information security (CISM, CISA, CISSP, ISO 27001, Lead Auditor/Implementer, etc.);
- You are proficient in French and English;
- You are approachable and have good communication and writing skills;
- You are meticulous, methodical and proactive;
- You can handle pressure and manage priorities and time constraints.

Furthermore, you have a good knowledge of the following:

- Security standards (ISO 27001, etc.);
- Windows environments (OS, Active Directory, SharePoint);
- Security in web environments and cloud solutions;
- Risk-analysis methods.

How to Apply


Job Categories: Infrastructure. Job Types: Full-Time.

1344 total views, 1 today

Apply for this Job