Gramian Consultancy is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in engineering and leadership, we help companies build high‑performing teams by matching them with professionals who truly fit their needs.
Our client is a rapidly growing European cybersecurity consulting and technology integration organization, headquartered in Luxembourg and operating internationally. Following a recent strategic acquisition by a major industrial technology group, the company is expanding its Information Security Governance practice to support increasing client demand across regulated and enterprise environments.
As part of this growth, we are looking for an Information Security Governance Consultant to join a multidisciplinary cybersecurity team. In this role, you will work closely with CISOs, IT leaders, and business stakeholders to translate organizational needs into concrete information security strategies, governance frameworks, and risk management programs. You will contribute to security maturity assessments, governance initiatives, compliance programs, and resilience planning, helping clients strengthen their security posture while keeping a pragmatic, business‑oriented approach. The position offers exposure to diverse projects, structured onboarding with senior consultants, and continuous development within a collaborative, people‑first environment that combines startup agility with enterprise stability.
Location: Hybrid (The person needs to reside in Luxembourg)
Office Location: Luxembourg
Contract: Permanent
Experience Level: Mid‑Senior (around 5+ years preferred)
Languages: French (C1‑C2), English (minimum B1)
Interview Process: Intro Call + HR Interview + Manager Interview
Responsibilities Assessing organizational security maturity and existing controls
Identifying security initiatives and improvement roadmaps aligned with business objectives
Performing information security risk assessments and advising on risk treatment strategies
Supporting governance frameworks, policies, and operating models
Contributing to resilience programs (BCP/DRP, incident management, cyber crisis management)
Supporting regulatory and standards compliance initiatives (e.g., GDPR, ISO 27001, NIST CSF, CIS Controls)
Advising on cloud security and modern IT environments
Participating in audits, maturity assessments, and security program design
Acting as a trusted advisor to management, CISOs, IT, and business teams
Requirements 5+ years of professional experience in Information Security, Cybersecurity Governance, GRC, or Security Consulting roles
Hands‑on experience with Information Security Governance frameworks and operating models
Practical experience in Information Security Risk Management (risk assessments, control reviews, treatment plans)
Strong knowledge of at least one major security framework or standard: ISO 27001/27005, NIST CSF, CIS Controls
Experience supporting compliance initiatives (e.g., GDPR, ISO 27001 certification, internal/external audits)
Ability to translate business requirements into security policies, procedures, and actionable security programs
Solid understanding of IT environments (networks, systems, cloud platforms, identity, endpoint security concepts)
Strong analytical, documentation, and reporting skills (risk registers, maturity assessments, governance documentation)
Proven ability to communicate with both technical and non‑technical stakeholders (CISO, management, IT, business teams)
Fluent French (C1‑C2, written and spoken)
Professional English (minimum B1, written and spoken)
Benefits Hybrid / remote working options in line with local policies
Company car or mobility budget, including fuel/transport support
Comprehensive health coverage (medical, dental, hospitalization, vision)
Pension plan with employer contribution
Meal vouchers and employee benefits card
Internal and external training programs fully supported by the company
Continuous professional development in cybersecurity governance and consulting
Exposure to diverse international client projects across multiple industries
Structured onboarding with buddy system and regular follow‑ups with your Team Leader
Collaborative, people‑first culture with accessible management and startup mindset
Flexible environment with no formal dress code (except when required by clients)
Opportunity to grow within a rapidly expanding cybersecurity organization backed by a large international group
#J-18808-Ljbffr