We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Cybersecurity Governance Consultant at Gramian Consulting Group. About Us. Gramian Consultancy is a boutique consultancy specializing in IT professional services and engineering talent solutions. With a strong background in engineering and leadership, we help companies build high-performing teams by matching them with professionals who truly fit their needs.. About the Role. Our client is a rapidly growing European cybersecurity consulting and technology integration organization, headquartered in Luxembourg and operating internationally. Following a recent strategic acquisition by a major industrial technology group, the company is expanding its Information Security Governance practice to support increasing client demand across regulated and enterprise environments.. As part of this growth, we are looking for an . Information Security Governance Consultant. to join a multidisciplinary cybersecurity team. In this role, you will work closely with CISOs, IT leaders, and business stakeholders to translate organizational needs into concrete information security strategies, governance frameworks, and risk management programs.. You will contribute to security maturity assessments, governance initiatives, compliance programs, and resilience planning, helping clients strengthen their security posture while keeping a pragmatic, business-oriented approach. The position offers exposure to diverse projects, structured onboarding with senior consultants, and continuous development within a collaborative, people-first environment that combines startup agility with enterprise stability.. Location:. Hybrid . Office Location:. Luxembourg. Contract:. Permanent. Experience Level:. Mid–Senior (around 5+ years preferred). Languages:. French (C1–C2), English (minimum B1). Interview Process:. Intro Call + HR Interview + Manager Interview. Responsibilities. Assessing organizational security maturity and existing controls . Identifying security initiatives and improvement roadmaps aligned with business objectives . Performing information security risk assessments and advising on risk treatment strategies . Supporting governance frameworks, policies, and operating models . Contributing to resilience programs (BCP/DRP, incident management, cyber crisis management) . Supporting regulatory and standards compliance initiatives (e.g., GDPR, ISO 27001, NIST CSF, CIS Controls) . Advising on cloud security and modern IT environments . Participating in audits, maturity assessments, and security program design . Acting as a trusted advisor to management, CISOs, IT, and business teams. 5+ years of professional experience in Information Security, Cybersecurity Governance, GRC, or Security Consulting roles . Hands-on experience with Information Security Governance frameworks and operating models . Practical experience in Information Security Risk Management (risk assessments, control reviews, treatment plans) . Strong knowledge of at least one major security framework or standard. : ISO 27001/27005, NIST CSF, CIS Controls . Experience supporting compliance initiatives (e.g., . GDPR, ISO 27001 certification, internal/external audits. ) . Ability to translate business requirements into security policies, procedures, and actionable security programs . Solid understanding of IT environments (networks, systems, cloud platforms, identity, endpoint security concepts) . Strong analytical, documentation, and reporting skills (risk registers, maturity assessments, governance documentation) . Proven ability to communicate with both technical and non-technical stakeholders (CISO, management, IT, business teams) . Fluent French (C1–C2, written and spoken) . Professional English (minimum B1, written and spoken). Company Location: Italy.