About Us
Gramian Consultancy is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in engineering and leadership, we help companies build high‑performing teams by matching them with professionals who truly fit their needs.
About The Role
Our client is a rapidly growing European cybersecurity consulting and technology integration organization, headquartered in Luxembourg and operating internationally. Following a recent strategic acquisition by a major industrial technology group, the company is expanding its Information Security Governance practice to support increasing client demand across regulated and enterprise environments.
We are looking for an Information Security Governance Consultant to join a multidisciplinary cybersecurity team. In this role, you will work closely with CISOs, IT leaders, and business stakeholders to translate organizational needs into concrete information security strategies, governance frameworks, and risk management programs.
You will contribute to security maturity assessments, governance initiatives, compliance programs, and resilience planning, helping clients strengthen their security posture while keeping a pragmatic, business‑oriented approach. The position offers exposure to diverse projects, structured onboarding with senior consultants, and continuous development within a collaborative, people‑first environment that combines startup agility with enterprise stability.
Location
Hybrid. Office Location: Luxembourg.
Contract
Permanent.
Experience Level
Mid‑Senior (around 5+ years preferred).
Languages
* French (C1‑C2)
* English (minimum B1)
Interview Process
Intro Call + HR Interview + Manager Interview.
Responsibilities
* Assess organizational security maturity and existing controls
* Identify security initiatives and improvement roadmaps aligned with business objectives
* Perform information security risk assessments and advise on risk treatment strategies
* Support governance frameworks, policies, and operating models
* Contribute to resilience programs (BCP/DRP, incident management, cyber crisis management)
* Support regulatory and standards compliance initiatives (e.g., GDPR, ISO 27001, NIST CSF, CIS Controls)
* Advise on cloud security and modern IT environments
* Participate in audits, maturity assessments, and security program design
* Act as a trusted advisor to management, CISOs, IT, and business teams
Requirements
* 5+ years of professional experience in Information Security, Cybersecurity Governance, GRC, or Security Consulting roles
* Hands‑on experience with Information Security Governance frameworks and operating models
* Practical experience in Information Security Risk Management (risk assessments, control reviews, treatment plans)
* Strong knowledge of at least one major security framework or standard: ISO 27001/27005, NIST CSF, CIS Controls
* Experience supporting compliance initiatives (e.g., GDPR, ISO 27001 certification, internal/external audits)
* Ability to translate business requirements into security policies, procedures, and actionable security programs
* Solid understanding of IT environments (networks, systems, cloud platforms, identity, endpoint security concepts)
* Strong analytical, documentation, and reporting skills (risk registers, maturity assessments, governance documentation)
* Proven ability to communicate with both technical and non‑technical stakeholders (CISO, management, IT, business teams)
* Fluent French (C1‑C2, written and spoken)
* Professional English (minimum B1, written and spoken)
Benefits
* Hybrid / remote working options in line with local policies
* Company car or mobility budget, including fuel/transport support
* Comprehensive health coverage (medical, dental, hospitalization, vision)
* Pension plan with employer contribution
* Meal vouchers and employee benefits card
* Internal and external training programs fully supported by the company
* Continuous professional development in cybersecurity governance and consulting
* Exposure to diverse international client projects across multiple industries
* Structured onboarding with buddy system and regular follow‑ups with your team leader
* Collaborative, people‑first culture with accessible management and startup mindset
* Flexible environment with no formal dress code (except when required by clients)
* Opportunity to grow within a rapidly expanding cybersecurity organization backed by a large international group
#J-18808-Ljbffr