Junior GRC Consultant

Posted 24 December 2025
Salary Competitive
Location Luxembourg
Discipline Cyber Security
Reference 75731

Job description

Role: Freelance B2B / Junior Cybersecurity GRC Consultant
Contract Type: Long-term project
Start Date: January 2026
Location: Luxembourg (primarily on-site, limited remote possible)
Daily Rate: €420/day
Eligibility: EU nationality required
Language: English (C2), French (minimum B1)

Role Overview

We are seeking a Junior Cybersecurity GRC Consultant to support IT and information security governance activities. The consultant will contribute to regulatory compliance, risk management, security documentation, and awareness initiatives aligned with EU cybersecurity frameworks and internal digital strategies.

The role sits within an established IT Security team and focuses on strengthening governance, risk, and compliance processes while supporting day-to-day operational security activities.

Key Responsibilities

  • IT Security Risk Management
      • Support preparation and updates of IT security risk assessments using structured risk methodologies
      • Maintain risk registers and supporting documentation using GRC tools

  • Security Governance & Documentation
      • Assist in drafting and updating IT Security Plans, procedures, and guidelines
      • Contribute to alignment with EU and international security standards

  • Audit & Compliance Support
      • Prepare documentation for audits, controls testing, and security certifications
      • Support compliance with recognised IT security frameworks and standards

  • Monitoring & Reporting
      • Monitor compliance status and report on security posture and gaps
      • Support tracking of mitigation actions and risk treatment plans

  • Awareness & Training
      • Develop cybersecurity awareness materials and internal documentation
      • Support delivery of training sessions and awareness campaigns

  • Operational Security Support
      • Assist with identity and access management processes
      • Support incident reporting, ticket handling, and security tooling integration

  • Project & Coordination Activities
      • Support planning, tracking, and reporting of security-related activities
      • Organise meetings, follow up on actions, and maintain documentation

Required Profile

Education

  • Minimum EQF Level 5 (post-secondary education)

Technical Knowledge

  • Basic knowledge of IT security policies, standards, and controls

  • Familiarity with one or more of the following:
      • ISO 27001 / ISO 27000 series
      • NIST frameworks
      • IT Security Risk Management (ITSRM)
      • IT service or project management methodologies (e.g. ITIL, PM2)

Certifications (at least one preferred)

  • CompTIA Security+

  • ISO 27001 Foundation

  • CISA / CISM / CISSP (or progress towards)

  • CEH or equivalent security certification

Soft Skills

  • Comfortable working in international and multicultural environments

  • Strong documentation and organisational skills

  • Discretion and professionalism when handling sensitive information