Information security strategy, risk and compliance

imrim provides pragmatic services and solution to face the threat landscape, plan and operationalize the IT risk management process.

In our phase of growth, we are looking for an experienced senior security consultant who is able to deliver strategic security advisory services and conduct comprehensive information security assessments for our customers.

The candidate would be expected to drive IT risk-based projects that require the below skills and experience:

Demonstrated knowledge and qualifications:

  • Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and/or Control Objectives for Information and Related Technology (COBIT) frameworks
  • Familiarity with applicable legal and regulatory requirements, including, but not limited to, PSF-related constraints, PCI-DSS and the GDPR
  • Knowledge of, and experience in developing and documenting security architectures and plans, including strategic, tactical and project plans
  • Global understanding of security infrastructure technologies, such as firewalls, proxies, IPS, WAF, etc.
  • Global understanding of security management solutions, such as DLP, SIEM, IAM, etc.

Desired Skills and Experience

  • Bachelor’s Degree
  • At least 5 years of experience in the information security consulting field
  • At least 3 years of experience in interfacing at multiple levels of client management and building relationships
  • Basic knowledge in working across diverse technical teams to facilitate solutions
  • Industry certification (e.g. CISSP, GIAC suite, EC-Council, CISA) is an asset
  • Strong time management skills; self-directed, with the ability to thrive in a fast-paced and dynamic environment
  • Ability to present ideas and results to technical and non-technical audiences
  • Team oriented, with extensive experience in managing complex projects
  • Fluent in English. French, German and Luxembourgish are strong assets
  • Demonstrated communication, written and presentation skills
  • Willingness to present researches at security conferences