Cloud Security & Compliance Engineer

Summary

Join our team as a Cloud Security & Compliance Engineer and play a pivotal role in safeguarding our digital assets. Based in Luxembourg with remote work options (within ±2h of Luxembourg), you will be responsible for designing, implementing, and maintaining security controls across Azure and hybrid environments. This role requires ensuring compliance with aviation cybersecurity standards (EASA, Part-IS, NIS2), conducting risk assessments, and supporting incident response. You will collaborate with various teams, including IT, Compliance, and internal audit, to maintain and improve IT compliance documentation. The ideal candidate will have 3–5 years of experience in cybersecurity, cloud security, or IT compliance, strong understanding of cloud security principles, and hands-on experience with Microsoft Azure security tools and services. This position offers the opportunity to contribute to strategic initiatives and operational resilience within a mission-critical aviation context.

Requirements

• 3–5 years of experience in cybersecurity, cloud security, or IT compliance roles
• Strong understanding of cloud security principles, regulatory frameworks, and risk management
• Hands-on experience with Microsoft Azure security tools and services
• Proficiency in scripting and automation for security operations
• Excellent command of English (spoken and written); French is a strong plus

Responsibilities

• Design, implement, and maintain security controls across Azure and hybrid environments, ensuring alignment with aviation cybersecurity standards
• Monitor and respond to security threats
• Conduct regular risk assessments, vulnerability scans, and penetration testing follow-ups
• Support incident response activities and post-incident reviews
• Ensure IT systems and processes comply with EASA regulations, NIS2 Directive, and internal governance frameworks
• Maintain and improve IT compliance documentation, including policies, procedures, and audit trails
• Collaborate with internal audit, legal, and operational teams to support regulatory audits
• Promote a culture of security awareness through training and internal communication
• Support secure deployment and configuration of Azure services, with a focus on identity and access management, data protection, and network security
• Apply security-by-design principles in collaboration with DevOps and architecture teams
• Act as a liaison between IT and Compliance teams to ensure cohesive security strategies
• Stay informed on emerging threats, regulatory changes, and best practices in cloud security and compliance
• Contribute to the development of security roadmaps and compliance maturity models