About Us
Gramian Consultancy is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in engineering and leadership, we help companies build high‐performing teams by matching them with professionals who truly fit their needs.
About The Role
Our client is a rapidly growing European cybersecurity consulting and technology integration organization, headquartered in Luxembourg and operating internationally. Following a recent strategic acquisition by a major industrial technology group, the company is expanding its Information Security Governance practice to support increasing client demand across regulated and enterprise environments.
We are looking for an Information Security Governance Consultant to join a multidisciplinary cybersecurity team. In this role, you will work closely with CISOs, IT leaders, and business stakeholders to translate organizational needs into concrete information security strategies, governance frameworks, and risk management programs.
You will contribute to security maturity assessments, governance initiatives, compliance programs, and resilience planning, helping clients strengthen their security posture while keeping a pragmatic, business‐oriented approach. The position offers exposure to diverse projects, structured onboarding with senior consultants, and continuous development within a collaborative, people‐first environment that combines startup agility with enterprise stability.
Location
Hybrid. Office Location: Luxembourg.
Contract
Permanent.
Experience Level
Mid‐Senior (around 5+ years preferred).
Languages
French (C1‐C2)
English (minimum B1)
Interview Process
Intro Call + HR Interview + Manager Interview.
Responsibilities
Assess organizational security maturity and existing controls
Identify security initiatives and improvement roadmaps aligned with business objectives
Perform information security risk assessments and advise on risk treatment strategies
Support governance frameworks, policies, and operating models
Contribute to resilience programs (BCP/DRP, incident management, cyber crisis management)
Support regulatory and standards compliance initiatives (e.g., GDPR, ISO 27001, NIST CSF, CIS Controls)
Advise on cloud security and modern IT environments
Participate in audits, maturity assessments, and security program design
Act as a trusted advisor to management, CISOs, IT, and business teams
Requirements
5+ years of professional experience in Information Security, Cybersecurity Governance, GRC, or Security Consulting roles
Hands‐on experience with Information Security Governance frameworks and operating models
Practical experience in Information Security Risk Management (risk assessments, control reviews, treatment plans)
Strong knowledge of at least one major security framework or standard: ISO 27001/27005, NIST CSF, CIS Controls
Experience supporting compliance initiatives (e.g., GDPR, ISO 27001 certification, internal/external audits)
Ability to translate business requirements into security policies, procedures, and actionable security programs
Solid understanding of IT environments (networks, systems, cloud platforms, identity, endpoint security concepts)
Strong analytical, documentation, and reporting skills (risk registers, maturity assessments, governance documentation)
Proven ability to communicate with both technical and non‐technical stakeholders (CISO, management, IT, business teams)
Fluent French (C1‐C2, written and spoken)
Professional English (minimum B1, written and spoken)
Benefits
Hybrid / remote working options in line with local policies
Company car or mobility budget, including fuel/transport support
Comprehensive health coverage (medical, dental, hospitalization, vision)
Pension plan with employer contribution
Meal vouchers and employee benefits card
Internal and external training programs fully supported by the company
Continuous professional development in cybersecurity governance and consulting
Exposure to diverse international client projects across multiple industries
Structured onboarding with buddy system and regular follow‐ups with your team leader
Collaborative, people‐first culture with accessible management and startup mindset
Flexible environment with no formal dress code (except when required by clients)
Opportunity to grow within a rapidly expanding cybersecurity organization backed by a large international group
#J-18808-Ljbffr