For our department Information Securitywithin LuxairGroup , we are looking for a (an) :
Information Security Officer
Description :
As a Junior Information Security Officer you willactively contribute to maintaining and strengthening Luxair group's informationsecurity posture.
With a strong interest in information security you willassist the CISO in the management of the information security management systemand all related activities of the department.
Responsibilities :
Participate in the creation and maintenance of information security policies, standards, baselines, guidelines and procedures in collaboration with keys stakeholders (business and technical teams)
Contribute to the development of an effective information security awareness program and provide planned trainings
Actively monitor the state of security systems, company network and technical controls to ensure their effectiveness and suggest improvements
Contribute to the collection of security logs and leverage existing solution (SIEM..) to identify abnormalities and violations scenarios in close collaboration of a Manage Service Security Provider
Develop and maintain secure operation processes and incident response playbooks
Respond in a timely manner to escalated security incidents and work with external and / or internal stakeholders to provide timely resolution.
Initiate incident reporting and post-incident status as necessary
Contribute to the overall access control management
Monitor the compliance with information security policies and standards including PCI-DSS and participate in external organization audits or certification as directed
Participate in the design and execution of vulnerability assessments, penetration tests, security audits, and remediation of identified vulnerabilities
Performs vulnerability scanning for network devices, applications and databases to identify vulnerabilities
Perform risk and security assessment based on established standards
Participate in the planning and design of the company Business Continuity and Disaster recovery Plan
Contribute to the creation and maintain up-to-date baselines, secure configuration and system hardening activities with internal technical teams
Education & skills
Bachelor in Computer Science / Information Security or equivalent combination of education and experience that satisfy the requirements of the position
Previous relevant experience in Information Security
Experience troubleshooting common network devices, network vulnerabilities and network attack patterns
Experience with Microsoft 365 and Office 365 Enterprise Mobility and Security E5 components, including ATP2, CloudApp, Azure AD Identity Protection
Hands on experience managing an array of security tools (e.g. Web Content Filtering, Malware, Firewalls, Intrusion Protection, etc.)
Working knowledge of information security control technologies including access control, cryptography, vulnerability management, SIEM / log management, ID / IPS, and penetration test
Knowledge of industry best practices, standards and regulations (ISO27001, ISO27005, GDPR, PCI-DSS )
Strong passion and interest in information security
Ability to collaborate with both technical and non-technical staff
Organized, proactive and customer-oriented
Good analytical skills with the ability to clearly explain and summarize ideas
Strong critical thinking and problem solving skills
Self-motivated individual and able to work methodically with minimal supervision
Positive can-do attitude with a mature and professional approach
Excellent verbal, written and interpersonal communication skills both in English and French as well as attention to detail 
