JOB DESCRIPTION

The IT & Security Compliance Officer Officer needs to ensure compliance monitoring from the design & implementation of any IT and cloud controls to the full production rollout. A focus will be made on cloud computing solutions and risk elements that are affecting IT and Security operations of out CSSF regulated entities in Luxembourg. The IT & Security Compliance Officer will ensure a dynamic follow up on CSSF circulars related to IT and be the main link with our regulated entities in Luxembourg. In addition, the IT & Security Compliance Officer will be holding a Threat Intelligence position in which the role will focus on being responsible for independent collection, analysis and production of finished Threat Intelligence in support of Cyber Defense, Technology, and additional lines of business. The candidate will be responsible for collecting information and conducting technical analysis to develop intelligence for the enterprise. Additionally, the candidate will maintain awareness of the global threat landscape and review complex, technical threat data, enrich it with contextual information and produce in finished intelligence for stakeholder consumption.
The identified candidate will be responsible for the following:

IT governance, outsourcing, cloud risks

• IT governance, risk management and compliance
• IT sourcing models (incl. cloud)
• Cloud risks considerations
• Cloud Contractual clauses analysis in conjunction with legal.

Overview of cloud technologies

• Definition
• Coud Service Model
• Cloud Development Model
• Materiality assessment
• Providers landscape and overview of service offering
• SLAs in the Cloud models

Shared security model

• Orchestrating Security testing with the Group Security Team.
• Reporting Confidentiality risk
• Enforcing security controls

Threat Intelligence

• Understanding and familiarity with cloud security and concepts or knowledge of static and/or dynamic malware analysis
• Experience in Cyber Threat Intelligence 
• Experience in Intelligence and/or Counterintelligence
• Experience conducting threat modeling
• Intimate understanding and familiarity with the intelligence cycle 

Skills and attributes for success

• Strong technical writing skills
• Extensive experience with analytical tradecraft
• Thorough understanding of cybersecurity principles
• Ability to works independently and build relationships
• Efficienct research methodologies

QUALIFICATIONS

• 3+ years of information security experience
• Experience supporting incident response and/or investigations
• Experience reviewing and assessing logs for anomalous activity indicating the presence of a threat 
• knowledge and ability to indentify threat actir attack methods and track their developments
• Experience using the Diamond threat model or Cyber Kill Chain

Interested applicants may send their updated CV to ccpingco@knollridges.com.ph

Subject: [Applicant's Name] - [Position]