Associate Information Security Officer – based in Luxembourg

Associate Information Security Officer – based in Luxembourg

Join to apply for the Associate Information Security Officer – based in Luxembourg role at European Investment Bank (EIB).

This position is based at our Luxembourg headquarters and requires regular office presence. The EIB offers you the opportunity to live and work in a truly international and multi‑cultural environment. We also offer relocation support.

The EIB, the European Union's bank, is seeking to recruit for its Group Risk & Compliance Directorate‑Office of the Group Chief Compliance Officer (GR&C‑OCCO), Group Non‑Financial Risk Department (GNFR), Project Management & Information Security Division (PMI), Information Security Risk Unit (Info
Sec), at its headquarters in Luxembourg, an Associate Information Security Officer.

This is a full‑time position at grade 4 for which the EIB offers a permanent contract. Panel interviews are anticipated for early January 2026.

Purpose

We are seeking a skilled Associate Information Security Officer to join our team, based within our 2nd Line of Defence. In this role, you will safeguard the Bank’s information, systems, and overall operational integrity by conducting a variety of information security risk management activities and following security policies, regulations, and industry standards to identify, report on, and reduce security threats to the organisation.

Operating Network

Reporting to the Head of Info
Sec Unit and supported by senior officers, you will work collaboratively with business areas to integrate information security into EIB policies, procedures and processes. You will coordinate with the Office of the Group Chief Compliance Officer (GR&C‑OCCO), the Inspector General’s Office (IG), and other services for the investigation and escalation of events arising from non‑compliance with information security policies. You will also work with the Bank’s Information Services (IS) Directorate and all Directorates for implementation of agreed information security measures.

Accountabilities

• Support the implementation of an Information Security Management System (ISMS) consistent with requirements and/or regulations; assist with the development and maintenance of the Bank’s information security‑related policies, standards and procedures; support the implementation, review and update of the Bank’s Information Security Policies framework; formulate proposals for integration of information security into the Bank’s policies; ensure close collaboration with peers in European Investment Fund (EIF).
• Participate in the implementation and monitoring of the EIB’s risk assessment process.
• Contribute to the development of relevant key risk indicators and associated reporting dashboards, and the implementation of consequent information security controls in collaboration with other relevant services.
• Execute key processes related to Information Security policies, ensuring successful implementation, maintenance, and continuous improvement of agreed information security measures in the ISMS; support Business Owners in carrying out information security risk assessments; monitor the implementation of agreed information security controls; identify and perform due diligence for implementation of adequate tooling; work with IS for development of a work plan and agreed actions for protection of EIB’s information assets; provide support for internal and external audit requests; contribute to Information Security Incident Management responses; coordinate Information Security Awareness Programme actions among staff through training and communication programmes; collaborate with FC/ICA on the Internal Control Framework (ICF).

Qualifications

• University degree (minimum Bachelor), ideally in a relevant field such as risk management, IT or information management; relevant postgraduate studies and/or certifications (e. g. , CISA, CISSP, CISM, GCIH) would be an advantage.
• Minimum 3 years of relevant experience in information security, preferably gained in a financial services domain.
• Experience supporting information security implementation and/or of information security audit would be a strong asset.
• Understanding of the financial services sector and interdependence linked to cybersecurity.
• Knowledge sharing skills, including presentation and drafting of documentation.
• Knowledge of ethical hacking techniques and understanding of how to test and validate defenses (hands‑on experience or oversight) would be preferred.
• Experience with Cloud Service Providers would be an advantage.
• Excellent knowledge of English and/or French (with a good command of the other); knowledge of other EU languages would be an advantage.

Competencies

Find out more about EIB core competencies here.

To find out more about our eligibility criteria click here.

Equal Opportunity

We hire and value talent with unique characteristics, creating a work environment where they can be themselves. We believe that Diversity, Equity and Inclusion make us a performing and innovative organisation. We encourage all suitably qualified and eligible candidates to apply regardless of their gender identity/expression, age, racial, ethnic and cultural background, religion and beliefs, sexual orientation, disability or neurodiversity. We strongly invite applicants with a disability, neurodivergent profile or chronic condition to request reasonable accommodations at any stage during the recruitment process. Please contact the EIB Recruitment team Jobs@eib. org who will ensure that your request is handled.

By applying for this position, you acknowledge the importance of maintaining the security and integrity of the Information of the EIB Group. In case of selection for the position you agree to comply with all measures (policies, controls, document classification and management) implemented by the EIB Group to prevent unauthorised disclosure of any information or any damage to the EIB Group reputation.

Deadline for applications

12th December 2025