Security Analyst

Job description Cybersecurity Analyst - Freelance/B2B Location: Luxembourg (Hybrid - weekly presence onsite) Contract Duration: 24 Months Project About the Role We are looking for a Cybersecurity Implementer Consultant to support a major Client in Luxembourg. This role focuses on day-to-day security operations, vulnerability management, threat analysis, cloud security, and coordination activities across internal teams and external service providers. The mission involves hands-on security work within a highly regulated and complex IT environment. Key Responsibilities Security Operations & BAU Activities Handle and investigate security incidents, including phishing, malware, and suspicious activity alerts. Respond to user security requests and provide technical guidance where needed. Analyse threats (spam/phishing campaigns) and ensure appropriate remediation steps are executed. Track and follow up on vulnerability remediation actions with technical teams. Lead or support BAU security initiatives and ensure the timely delivery of assigned tasks. Threat, Vulnerability, and Testing Activities Conduct or contribute to vulnerability assessments and threat intelligence analysis. Support penetration testing activities and secure code reviews. Evaluate findings from security tools and help prioritise remediation. Cloud & Microsoft Security Expertise Advise internal teams on security best practices within Microsoft 365 and Azure environments. Assist with review and improvement of architectures, configurations, and operational security controls. Continuity, Governance & Risk Contribute to business continuity planning and disaster recovery activities. Support cybersecurity exercises and preparedness initiatives. Assist in governance-related tasks (risk management, policy updates, compliance alignment). Help align internal processes with recognised standards such as NIST CSF or the Australian Essential Eight. Coordination & Stakeholder Communication Work closely with third-party security service providers on assigned topics. Organise and participate in meetings, preparing agendas, minutes, and action tracking. Provide clear reporting and documentation for all security-related activities. Required Skills & Profile Educational Background Bachelor’s degree or higher in Information Technology, Cybersecurity, Engineering, or similar. Non-technical degrees may be considered when combined with relevant professional experience. Professional Experience Depending on seniority submitted: Junior Consultant: 0–3 years Consultant: 3–7 years Senior Consultant: 7–10 years Technical Competencies Strong understanding of core cybersecurity principles, operational security, and common security tools. Hands-on experience in: Incident response & threat analysis Vulnerability management Malware/phishing investigations Cloud security (Azure, Microsoft 365) Experience with penetration testing activities or secure code assessment is a plus. Familiarity with cybersecurity frameworks (NIST CSF, Essential Eight) is an asset. Project management certifications (PM2, Prince2, PMI) are considered beneficial. Soft Skills Proactive, solution-oriented mindset (“can-do” attitude). Strong analytical and problem-solving skills. Ability to work independently on assigned tasks and BAU initiatives. Comfortable coordinating with internal teams and external providers. Excellent communication skills in English (C1 or above). Strong organisational skills, including meeting preparation and follow-up. Work Environment & Onsite Requirement This is a hybrid assignment with 80% onsite work in Luxembourg (4 days per week). Remote work is limited to one day per week and only with prior agreement.