Information Security Officer (m/f/x)
Publiée le 16/11/2024
Luxcargo Handling S.A.
- Niederanven
- Informatique Infrastructure / Système / Réseau
Luxcargo Handling, based at Luxembourg Airport, is a handling company specializing in air freight. Founded in 2023, the company took over the Cargo Handling branch of Luxair and employs 1000 people in various roles.
Luxcargo Handling S.A. is a subsidiary of the Cargolux group, fully owned by Cargolux Airlines International S.A.
For our LCH IT department within LCH, we are looking for an:
Information Security Officer (m/f/x)
Missions:
- Develop and maintain information security management system policies and procedures defining the information security principles, frameworks, and rules for LCH
- Perform a regular cybersecurity risk assessment and follow up associated action plan
- Assess the compliance of ISMS, cybersecurity services and risk management process regarding the existent and upcoming regulation applicable to the organization
- Develop and implement information security improvement plan to comply with industry standards and regulations
- Support audit and regulatory requests about Cybersecurity
- Collaborate with other departments and stakeholders to educate employees on cybersecurity best practices and enhance organizational awareness of the importance of information security and risks.
- Contribute to the response and lesson learnt to Cybersecurity incidents to mitigate the impact for future occurrences in closed cooperation with technical IT and Cybersecurity teams
- Provide support when needed on all cybersecurity topics and coordinate actions with group cybersecurity and IT teams
Profile:
Minimum requirements for the position
- Be holder of master or engineer degree in IT (Bac +5). Bachelor degree with significant and relevant experience can be potentially considered
- Demonstrate strong knowledge of technologies and how it supports the day-to-day business, to including: Software Development Life Cycle (SDLC), Information Technology Operations, Data Center Operations, vendors management, Information Technology auditing, third party management and Cloud technology.
- Have good knowledge and implications of NIS2
- Provide a proven track of practical experience designing and implementing enterprise information technology security environment: physical and/or software.
- Have excellent knowledge of standard project management practices
- Have excellent knowledge of standard office applications
- Show excellent communication skills in English as well as skills in French or German (spoken and written)
Desired or required skills to acquire / Training to be completed
- Refer to the training table
- Demonstrate the ability to communicate at all levels, both inside and outside the company
- Show strong organizational and analytical skills
- Show ability for clear expression in writing
- Be capable of working independently as well as in a team
- Be driven to deliver quality results on time with a high degree of integrity and in a highly ethical and professional manner
- Maintain the strict confidentiality of the data
- Must be able to learn, understand, and apply new regulations
Ideal candidate
- Holding any certification in the area of Information Security will be considered as an asset.
- Have knowledge of the following compliance frameworks (each of them is exclusive): PCI-DSS, COBIT, ISO 2700X or HIPAA
- Knowledge in Project management PRINCE 2 or PMBOK
- Good knowledge and implications of Part-IS (EASA)
A Certificate of Good Conduct (Criminal Record, Polizeiliches Führungszeugnis) will be required in case of a positive selection.