Cybersecurity Director

The Governance, Risk & Internal Control (GRIC) service line of Mazars Financial Advisory Services (Mazars FAS, in Luxembourg) - specialized in the provision of regulatory / risk advisory services to financial institutions - is looking for a talented Cybersecurity Director to support fast growing and dynamic businesses within a rewarding corporate environment.
The GRIC service line consists of a multidisciplinary team of professionals who work to advise clients throughout our regulatory / risk advisory services across several industries of the Financial Sector (including, but not limited to, Banking, Asset Management and Insurance) on how to face at best the regulatory compliance challenges, including cybersecurity, information technology and data privacy.
We are assisting key function holders (comprising managing / governing bodies, executive management and head of internal control functions) to better understand the regulatory environment and its ongoing development as well as to identify laws and regulations having an impact on their business.
Make the smart choice. At Mazars, we expect outstanding and eager professionals willing to enhance a team committed to be the emerging consulting & advisory firm in Luxembourg.


Your responsibilities:

  • Develop, oversee and maintain a portfolio of cybersecurity, IT and data privacy clients and engagements to ensure successful project delivery and client relationships;
  • Assist in developing, maturing, and growing cybersecurity, IT and data privacy practice offerings, with particular attention to underlying security challenges raised by the digital transformation (IoT, machine learning, artificial intelligence, cloud computing);
  • Advise clients in defining and developing cybersecurity, IT and data privacy strategies, regulatory compliance, policies, procedures, security governance, risk assessments, target operating models and remediation programs;
  • Utilize technical expertise to oversee, lead and deliver projects on cybersecurity, IT and data privacy, including security services, penetration testing, cyber assessments, incident response, and cyber toolset implementations;
  • Assess, architect or implement ISMS based on industry standards and framework such as ISO/IEC 27001:2013, ISO 27001/2, NIST Cybersecurity Framework, CIS Top-20 Controls, GDPR;
  • Stay current on cybersecurity, IT and data privacy legal framework, risks and issues to help define strategies for clients, as well as develop new business opportunities;
  • Conduct regulatory watch services to support our client in anticipating evolving supervisory expectations;
  • Run strategic financial resource management initiatives (e.g. balance sheet management, RWA optimization);
  • Developing strategic answers and proposing these to our clients for assessing and managing the impact of new prudential standards and requirements on their Business strategy;
  • Leading the team to a constant knowledge / competency growth and act as trustful point of contact for the client;
  • Participate in the growth and eminence of Mazars by promoting our services and representing the firm at external events (e.g. participate to external working groups, write articles).

Basic qualifications:

  • Master degree (Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering, Law or a related major);
  • At least 10 years of relevant work experience in a professional services firm or technology consulting practice and at least 8 years in a technical cybersecurity, IT and/or data privacy role;
  • Strong cybersecurity, IT and data privacy skills, ideally in the following domains: security and risk strategy, governance and management, regulatory compliance, identity and access management, cyber threat management and response, network and infrastructure security, cloud security, secure system development life cycle, privacy and data protection;
  • Experience in developing and establishing cybersecurity delivery methodologies and supporting tools, including scripting / programming skills (e.g., Python, PowerShell, Java, Perl);
  • Industry certifications are considered as strong assets (e.g. CISSP, CISM, CCNP, GIAC, CISA, OSCP);
  • Excellent analytical and pragmatic mindset combined with relevant organisational skills;
  • Strong problem solving and troubleshooting skills with the ability to exercise mature judgment;
  • Proven creativity with the ability to develop and present new ideas and conceptualize new approaches and solutions;
  • Exceptional communication skills with the ability to develop strong team and client relationships through business-oriented mindset;
  • Self-starter attitude, keen to learn and build expertise;
  • Fluency in English (both written and spoken). French / any other language would be considered as an additional asset.

We offer: 

  • A competitive salary package;
  • An attractive package of customizable advantages;
  • A workplace where personal development is encouraged;
  • Opportunities to develop your business approach / eminence, interpersonal skills and knowledge of the financial marketplace;
  • A healthy working environment within a human-sized International group;
  • A young, dynamic, friendly and multicultural working environment;
  • Expansion of your network in the Luxembourgish and international market.




About Mazars  

Mazars is an internationally integrated partnership, specialising in audit, accountancy, advisory, tax and legal services*. Operating in more than 90 countries and territories around the world, we draw on the expertise of 44,000+ professionals – 28,000+ in the Mazars integrated partnership and 16,000+ via the Mazars North America Alliance – to assist clients at every stage in their development.

*Where permitted under applicable country laws

In Luxembourg, we are 300 employees and 17 partners.


Mazars will collect all personal data from candidates as part of the recruitment process. The personal data will be processed in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679). We will process the data with the candidate’s consent or on the basis of the employment contract. The personal data will only be processed based on one of the possible legal basis (as per Art. 6 of the GDPR). Personal data will not be retained for more than required by the GDPR or by applicable Luxembourg laws. 

Contact :