Associate Information Security Officer – based in Luxembourg

This position is based at our Luxembourg headquarters and requires regular office presence. The European Investment Bank (EIB) offers the opportunity to live and work in a truly international and multi‑cultural environment, with relocation support.

The EIB, the European Union’s bank, is recruiting an Associate Information Security Officer for its Group Risk & Compliance Directorate – Office of the Group Chief Compliance Officer (GR&C‑OCCO), Group Non‑Financial Risk Department (GNFR), Project Management & Information Security Division (PMI), Information Security Risk Unit (InfoSec) at its headquarters in Luxembourg. The role is full‑time at grade 4 and offers a permanent contract. Panel interviews are anticipated for early January 2026.

• Support the implementation of an Information Security Management System (ISMS) consistent with requirements and/or regulations:
  • Assist with the development and maintenance of the Bank’s information security‑related policies, standards, and procedures, in close cooperation with IT Security, IPAQ, Physical Security, Data Protection Office, and other EIB Group services whenever required.
  • Assist with the implementation, review and update of the Bank’s Information Security Policies framework.
  • Formulate proposals for the integration of information security into the Bank’s policies.
  • Ensure close collaboration with peers in the European Investment Fund (EIF).
• Participate in the implementation and monitoring of the EIB’s risk assessment process.
• Contribute to the development of relevant key risk indicators and associated reporting dashboards, and the implementation of consequent information security controls in collaboration with other relevant services.
• Execute key processes related to Information Security policies, to ensure the successful implementation, maintenance, and continuous improvement of agreed information security measures in the ISMS:
  • Support Business Owners in carrying out information security risk assessments.
  • Monitor the implementation of agreed information security controls.
  • Identify and perform due diligence in line with EIB Group processes for the implementation of adequate tooling.
  • Work in collaboration with Information Systems (IS) for the development of a work plan and agreed actions for the protection of EIB’s information assets and the confidentiality, integrity and availability of EIB documents and data.
  • Contribute to the provision of support for internal and external audit requests.
  • Contribute to Information Security Incident Management responses.
  • Coordinate Information Security Awareness Programme actions amongst staff (both permanent staff and consultants/contractors) through training and communication programmes.
  • Collaborate with Financial Control, Internal Controls and Assertions on the Internal Control Framework (ICF).

• University degree (minimum equivalent to a Bachelor) in a relevant field such as risk management, IT or information management. Post‑graduate studies or certifications (CISA, CISSP, CISM, GCIH) would be an advantage.
• Minimum 3 years of relevant experience in information security, preferably in a financial services domain.
• Experience supporting information security implementation and/or information security audit would be a strong asset.
• Understanding of the financial services sector and its interdependence with cybersecurity.
• Knowledge sharing skills, including presentation and drafting of documentation.
• Knowledge of ethical hacking techniques and understanding of how to test and validate defences (hands‑on experience or oversight) would be preferred.
• Experience with Cloud Service Providers would be an advantage.
• Excellent knowledge of English and/or French (minimum level 5 of Inter‑Institutional language courses, corresponding to B1.2 of the CEFR). A good command of the other language is also required. Knowledge of other EU languages would be an advantage.

We hire and value talent with unique characteristics, creating a work environment where they can be themselves. We believe that Diversity, Equity and Inclusion make us a performing and innovative organisation. We encourage all suitably qualified and eligible candidates to apply regardless of gender identity / expression, age, racial, ethnic and cultural background, religion and beliefs, sexual orientation, disability or neurodiversity. We strongly invite applicants with a disability, neuro‑divergent profile or chronic condition to request reasonable accommodations at any stage during the recruitment process.

By applying for this position, you acknowledge the importance of maintaining the security and integrity of the Information of the EIB Group. In case of selection you agree to comply with all measures (policies, controls, document classification and management) implemented by the EIB Group to prevent unauthorised disclosure of any information or any damage to the EIB Group reputation.

Deadline for applications: 12th December 2025