Cybersecurity & IT Risk Advisor (H / F)

Harry Hope, cabinet de recrutement accompagne candidats et entreprises dans leurs recherches des meilleures opportunités en France et à l'international. Afin de mieux répondre à vos enjeux, tous nos consultants sont spécialisés par secteur d'activité et zone géographique.

One of our client is seeking a Cybersecurity & IT Risk Advisor with experience in the financial sector to support governance, oversight, and control activities related to ICT risks. The role focuses on ensuring compliance with European regulations (DORA, CSSF circulars) and international security standards (ISO 27001, NIST, CIS, ITIL).

The professional will operate within the Second Line of Defense, collaborating with IT Risk, IT Security, and senior management, ensuring independence, analytical rigor, and a strong methodological approach.

• Conduct ICT risk assessments, compliance reviews, and gap assessments against regulatory and industry standards (DORA, GDPR, ISO, NIST).
• Define, evaluate, and continuously monitor ICT controls, KPI / KRI, risk thresholds, and security indicators.
• Support ICT incident classification, reporting processes, and non‑compliance management.
• Contribute to the review and enhancement of IT Security policies, procedures, and governance documentation.
• Support ICT third‑party management activities, including vendor oversight and regulatory compliance for IT outsourcing.
• Assist in preparing reports and dashboards for senior management, audit functions, and control bodies.
• Promote security best practices, awareness initiatives, and consistent operational standards.

• Experience in IT Risk Management, Cybersecurity Governance, IT Compliance, IT Audit, or Second Line of Defense roles.
• Strong knowledge of major regulatory frameworks and standards : DORA, EBA Guidelines, CSSF circulars, ISO 27001, NIST, ITIL, CIS.
• Strong analytical and problem‑solving skills, with the ability to manage tasks independently.
• Excellent written and verbal communication skills, comfortable interacting with senior stakeholders.

• Italian : mandatory
• English : mandatory
• French : considered a strong plus

• Master's degree.
• Relevant certifications (ISO / IEC 27001 Lead Implementer / Auditor, ITIL v4, Azure Fundamentals).
• Availability to work full‑time on‑site in Luxembourg.