Devoteam is an AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability.
Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.
With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.
As a Microsoft Gold Partner, we are ideally equipped to meet our customers' growing needs in areas such as Azure, Microsoft 365, security and business applications, helping to modernize their infrastructures around Cloud technologies.
We are looking for an experienced Senior Compliance Consultant specializing in security compliance. This role requires a strong understanding of the Luxembourg and EU legal and regulatory landscape, alongside expertise in data protection and information security.
As a Senior Compliance Consultant, you will play a key role in ensuring that our clients adhere to regulatory obligations, reduce compliance risks, and maintain the highest standards of security compliance.
Key Responsibilities
Regulatory Compliance Advisory
Provide expert advisory on Luxembourg and EU regulatory requirements, including DORA, NIS2, GDPR, PSD2, and PCI DSS. Assist in interpreting, assessing and implementing guidelines set forth by regulatory bodies like the CSSF and CAA.
Security Compliance Program Development
Develop and/or enhance client security compliance programs, ensuring alignment with relevant security compliance requirements such as ISO 27001, NIST, PCI DSS, and other industry standards. Conduct assessments and gap analyses, identifying areas of non-compliance and related risks, and recommending mitigation measures. Design customized compliance policies, procedures, and controls that meet regulatory and security requirements.
Risk Assessment and Mitigation
Conduct security and compliance risk assessments, focusing on identifying and mitigating regulatory and operational risks. Provide strategic recommendations to address identified risks and design tailored action plans to enhance security posture and compliance adherence. Develop risk management reports for stakeholders, including insights on risk exposure and suggested mitigation strategies.
Compliance Training and Awareness
Deliver compliance training and workshops on regulatory and related security obligations. Develop and provide materials, such as policy guides, compliance toolkits, and security awareness programs.
Audit Support and Coordination
Coordinate and support client security audits, including preparation, response management, and addressing findings. Develop audit-readiness plans to maintain a state of compliance through continuous improvement. Prepare compliance reports and findings for management and regulatory authorities as needed.
Qualifications
Must have
Bachelor's or Master's degree in information technology, information security or a related field. A minimum of 3 years in a compliance-related role, with a strong focus on security compliance. Knowledge of security and compliance frameworks, standards, and regulations (e.g., ISO 27001, GDPR, CIS). Strong understanding of the Luxembourg local regulatory environment (e.g., CSSF, CAA compliance requirements). Proven ability to conduct compliance advisory, audits, risk management, and develop security policies. Fluency in French AND English and excellent communication skills.
Nice to have
Relevant certifications such as CISA, CISM, ISO 27001, or GDPR and DORA Practitioner. Knowledge of additional security and compliance frameworks, standards, and regulations (e.g., DORA, NIS2, NIST, PCI DSS). Excellent analytical, communication, and consulting skills, including experience working with clients and cross-functional teams.
Additional information