IT GRC Manager (IT Governance, Risk and Compliance)

Working for lux-Airport

lux-Airport is the company that operates Luxembourg's national airport.

Its main roles are :

• Providing a safe, high-performance infrastructure for the air transport of passengers and goods
• Developing the surrounding areas in terms of activities and facilities.

Our airport serves more than 100 direct destinations and welcomed some 4.7 million passengers in 2023.

lux-Airport currently employs over 370 people from a wide range of backgrounds and nationalities.

The smooth running of our company relies first and foremost on the passion and excellence of our staff.

To continue to meet our commitments and move forward with new projects, we are constantly on the lookout for new talent.

Our job opportunity

Today, we are currently recruiting an IT GRC Manager (IT Governance, Risk and Compliance).

Your responsibilities

*Your daily tasks

• Developing and maintaining an IT governance framework aligned with the company's strategic objectives
• Working with stakeholders to define IT policies, standards and procedures
• Monitoring key performance indicators (KPIs) and produce reports to assess the effectiveness of IT governance
• Ensuring IT reporting to the Head of IT
• Identifying, assessing and prioritising risks relating to information systems and digital infrastructures
• Implementing and monitoring risk mitigation plans
• Carrying out impact analyses and proposing solutions to strengthen IT resilience
• Ensuring compliance with standards such as ISO 27001, RGPD, PCI-DSS and other applicable regulations
• Organising and supervising internal and external IT audits
• Maintaining complete and up-to-date documentation of compliance processes
• Working with cyber security teams to integrate the necessary controls into IT systems
• Identifying vulnerabilities and proposing improvements to minimise security risks
• Training employees in good IT security and compliance practices
• Acting as a key liaison between IT teams, business departments and senior management

*Your other missions

• Organising awareness sessions on IT risks and compliance requirements
• Preparing regular reports to inform management of progress and potential risks
• Participating in the integration of new employees
• Participating in waste sorting and energy saving through responsible behavior

--

The required profile

Studies / training

• Master's degree in computer science, information systems management or equivalent
• Relevant certifications, such as CISM, CISA, CRISC, or ISO 27001 Lead Implementer/Auditor

--

Experience

• Minimum 5 years' experience in a similar role or in IT risk management, compliance or information security
• Experience in project management and coordination with multidisciplinary teams

--

Skills and knowledge required

*IT Tools

Mandatory:

Microsoft Office suite

*Languages

Mandatory:

• French: fluent spoken and written (C1 minimum)
• English: operational level in the business - advanced level (B2 minimum)

*Know-how and interpersonal skills specific to the job

• Analytical skills
• Good interpersonal skills
• Teamwork and collaboration

*Other

• Good knowledge of IT governance frameworks (COBIT, ITIL, etc.)
• Expertise in IT risk management and cybersecurity
• Experience with GRC (Governance, Risk, and Compliance) tools
• In-depth knowledge of security and data protection standards and regulations
• Valid permanent B driving licence

Our offer

• A compensation based on a salary scale, plus fringe benefits
• A chance to work for an internationally-known and fast-growing Luxembourgish company
• A professional opportunity in the field of aviation, a high-tech sector.

Note regarding the recruitment process

• The whole application process is managed by Skeeled.
• Our recruitment team will contact you in case your profile matches to our needs.

Thank you in advance for your understanding.