Job Specifications
This position is based at our Luxembourg headquarters and requires regular office presence. The EIB offers you the opportunity to live and work in a truly international and multi-cultural environment. We also offer relocation support.
The EIB, the European Union's bank, is seeking to recruit for its Group Risk & Compliance Directorate-Office of the Group Chief Compliance Officer (GR&C-OCCO), Group Non-Financial Risk Department (GNFR), Project Management & Information Security Division (PMI), Information Security Risk Unit (InfoSec), at its headquarters in Luxembourg, an Associate Information Security Officer*.
Internal benchmark: Associate Officer Non-Financial Risk Management
This is a full-time position at grade 4 for which the EIB offers a permanent contract.
Panel interviews are anticipated for early January 2026.
Purpose
We are seeking a skilled Associate Information Security Officer to join our team, based within our 2nd Line of Defence. In this role, you will be instrumental in safeguarding the Bank’s information, systems, and overall operational integrity, as you conduct a variety of information security risk management activities and follow security policies, regulations, and industry standards in order to help identify, report on, and reduce security threats to the organisation.
This position offers a unique opportunity to work in a complex and dynamic environment, where every day brings new challenges. You will coordinate and oversee Information Security risk management activities, driving a proactive approach to the identification, prevention, and mitigation of security threats that could impact the organisation.
Join us if you want to work at the intersection of cybersecurity, risk, and governance, while being part of a collaborative and driven team at the #EU_ClimateBank.
Operating Network
Reporting to the Head of InfoSec Unit, and supported by more senior officers in the team, you will work in close collaboration with relevant business areas across the Bank for the integration of information security into EIB policies, procedures and processes. You will work in close collaboration with the Office of the Group Chief Compliance Officer (GR&C-OCCO), the Inspector General’s Office (IG) and other relevant services as required for the investigation and escalation of events arising from non-compliance with information security policies. You will also work with the Bank’s Information Services (IS) Directorate and with all Directorates for the implementation of agreed information security measures.
Externally, you will interact with security-related professionals.
Accountabilities
Support the implementation of an Information Security Management System (ISMS) consistent with requirements and/or regulations:
Assist with the development and maintenance of the Bank’s information security-related policies, standards, and procedures, in close cooperation with IT Security, IPAQ (Information Protection, Access Control and Quality), Physical Security, Data Protection Office and other EIB Group services whenever required.
Assist with the implementation, review and update, inter alia, of the Bank’s Information Security Policies framework.
Formulate proposals for the integration of information security into the Bank’s policies.
Ensure close collaboration with peers in European Investment Fund (EIF).
Participate in the implementation and monitoring of the EIB’s risk assessment process.
Contribute to the development of relevant key risk indicators and associated reporting dashboards, and the implementation of consequent information security controls in collaboration with other relevant services.
Execute key processes related to Information Security policies, to ensure the successful implementation, maintenance, and continuous improvement of agreed information security measures in the Information Security Management System (ISMS):
Support Business Owners in carrying out information security risk assessments.
Monitor the implementation of agreed information security controls.
Identify and perform due diligence in line with EIB Group processes for the implementation of adequate tooling.
Work in collaboration with IS (Information Systems) for the development of a work plan and agreed actions for the protection of EIB’s information assets and the confidentiality, integrity and availability of EIB documents and data.
Contribute to the provision of support for internal and external audit requests.
Contribute to Information Security Incident Management responses.
Coordinate Information Security Awareness Programme actions amongst staff (both permanent staff and consultants/contractors) through training and communication programmes.
Collaborate with FC/-/ICA/- (Financial Control, Internal Controls and Assertions) on the Internal Control Framework (ICF).
Qualifications
University degree (minimum an equivalent to a Bachelor), ideally in a relevant field such as risk management, IT or information management. R