Information Security Officer



Specialism / Function

Business Advisory

Entry Route

3 years

Position Type

Full Time Employment


The Information Security Officer (ISO) assists the Chief Information Security Officer in ensuring that appropriate Information Security Management Systems (ISMS) and security controls are in place to meet security objectives and strategy. An important part of the role is to organise security risk management and ensure that security risks are identified, assessed and accurately reported. Additionally, the ISO is charged with ensuring that local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The ISO is the centre of competence for Information Security, providing an advisory service and acting as the focal point for security compliance related activities.



  • Diligently maintain ISMS and underlying policies, procedures, standards and guidelines;
  • Assist in developing, maintaining and updating the Information Security Strategy and Information Security Program;
  • Actively ensure appropriate organisational and technical measures are effective to protect Grant Thornton Luxembourg information assets from internal and external threats;
  • Identify, introduce and implement appropriate procedures to assess the effectiveness of the security controls;
  • Thoroughly conduct and complete annual reviews and audits as required, engaging both internal business partners across the organisation and external resources;
  • Be involved in the security incident and vulnerability management processes;
  • Assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis;
  • Conduct functional and gap analysis to determine the extent to which key business areas and infrastructure comply with regulatory requirements, evaluate and recommend new information security technologies and counter-measures against threats to information or privacy;
  • Develop security reports and dashboards;
  • Assist in developing effective staff training programs to increase security awareness across the firm;
  • Leverage technology (tools and software) to enhance client research and deliverables in an effective and efficient manner.



  • Excellent level of English (French and/or German is a plus);
  • At least three years’ experience in a similar role;
  • Demonstrated ability to understand legal, technical and governance topics;
  • Experience completing multiple projects simultaneously on time and with minimal direct supervision;
  • Experience in Information Security Risk Management;
  • Experience in or with information security reference standards such as the ISO2700x norms.



Please send your CV with the reference Information Security Officer by email at

All applications will be treated as strictly confidential.


All personal data collected from candidates as part of the recruitment process will be processed in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) (enforcement date: 25 May 2018).

Among other things, this means that personal data will only be processed on one of the possible legal bases (as per Art. 6 of the GDPR), be it with the candidate's consent or on the basis of an employment contract. It also means that personal data will not be retained for longer than required by the GDPR or by applicable Luxembourg laws, i.e. beyond completion of the recruitment process.

For more information, we encourage you to read our Privacy Notice. If you have any questions, please contact us at

