Risk & Information Security Officer Permanent Contract (M/F)

A real challenge in an international high-tech environment

EBRC (European Business Reliance Centre), leader in Luxembourg and in the Greater Region and a reference model in Europe in integrated one-stop-shop "Trusted Datacentre, Cloud, Managed Services & Advisory Services", aims to become a European Centre of Excellence and Trust in the protection and management of sensitive information.

As part of the development of its "Trusted Services Europe", at national level and at European level, EBRC is seeking to recruit a: Risk & Information Security Officer - Permanent Contract (M/F)

Within the “RISC – Risk, Information, Security & Continuity” team:

  • You contribute to maintain sound Risk Management practices based on ISO 31000, ISO 27005 standards, and support EBRC in monitoring the evolution, assessment and the mitigation of threats;
  • You participate in the definition and monitoring of organizational security, including internal controls, such as dashboards and key indicators, internal operational security governance and security policies baselines;
  • You will also be responsible for ensuring compliance with EBRC certifications and regulatory requirement as well as the maintenance and continuous improvement of the associated information systems,
  • You maintain and share your knowledge regarding risks evolutions & changes of Security good practices (NIST, ISO, SANS, Competition, Research, etc.) and regulatory requirements potentially applicable to client’s and EBRC’s environment;
  • You provide information on internal risk management practices, controls, contexts and scopes of certifications and projects regarding questions, reviews and customer’s, prospect’s and other external stakeholders’ s audits;
  • You support international security project whenever necessary, assist the Business Continuity Manager in his activities, and participate in the activities of the EBRC Computer Security Incident Response Team (CSIRT).


  • You hold a BAC+3 to 5 in Information and Computer Security, Risk Management or equivalent;
  • You have a first experience in the field of Information Security, Control or Risk Management;    
  • You have a Good technical knowledge of common information systems, Architecture concepts and Security Engineering;    
  • You have a good handling of Information Systems Security standards (ISO/IEC 27001 – Information Security, ISO/IEC 22301 – Business Continuity, ISO/IEC 27017 – ISMS of Cloud Services, Hébergeurs de Données de Santé (HDS), etc) and of the risk management and securities measure’s methodologies;     
  • You gained experience in managing projects and are comfortable in Luxembourg and European’s regulatory landscape (PSF, GPDR, etc.).
  • Curious and attentive to details, you have a critical mind and a quality focus, and are comfortable in communication with different types of stakeholders.
  • You are fluent in French and English, written and spoken.

EBRC offers you the opportunity to join a company with strong growth potential.
This position is also accessible to any person with a disability.

Additional Information:
EBRC - Human Resources
For the attention of Ms Boucquey
19-23 rue Jean Fischbach
L-3372 Leudelange
Tel.: 26 06-1

Insert your document here
One file only.
5 MB limit.
Allowed types: rtf, pdf, doc, docx, odt, ppt, pptx, odp, ods.
I hereby acknowledge that my personal data will be kept by EBRC for 3 years. I can, at any time, exercise my right to access, modify or delete my data. *
*Personal data collected during your application are processed by EBRC S.A., located at 19/23, Rue Jean Fischbach, L-3372 Leudelange. Your personal data are processed for the purposes of managing EBRC’s recruitment related activities, including interviews set-up and conducts, tests for applicants, evaluations and assessments of the results, and as otherwise needed in the recruitment and hiring processes. This processing is legally authorized under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, (General Data Protection Regulation or "GDPR") insofar as it is necessary for the purposes of the legitimate objectives pursued by EBRC S.A., which are the solicitation, evaluation, and selection of applicants for employment.
Your personal data will be retained by EBRC S.A. as long as EBRC S.A. deems it necessary to evaluate your application for employment. In accordance with the provisions of the GDPR, you have the right to access, rectify and erase your personal data.
You can exercise any of these rights free of charge by contacting EBRC S.A.:
- by email to the following address: dpo@ebrc.com
- or by post addressed to: EBRC S.A. - DPO 19/23, Rue Jean Fischbach, L-3372 Leudelange
In order to be able to satisfy your request and to avoid any identity theft, a double-sided copy of your valid identity document must be attached to your letter.
You can also lodge a complaint with the National Commission for Data Protection (CNPD), via their website: www.cnpd.lu. Please note that your criminal record excerpt may be requested if you are hired by EBRC S.A.. This criminal record will be destroyed at the latest one month after its receipt.