IT SecOps Officer, Luxembourg

<h3>Build, Secure and Scale a Regulated Fintech Platform at the Heart of Stripe</h3> <p>Bridge Building S.A. (BBSA) is the Luxembourg regulated entity of Bridge, a Stripe company, operating as an EMI and future CASP in one of Europe’s most demanding regulatory environments (CSSF, DORA, MiCA).</p> <p>BBSA is building its local regulated platform with a <strong>strong global-first technology model</strong>, relying on highly specialised engineering teams based primarily in the US. In this context, we are looking for a hands-on IT professional to play a <strong>critical role at the intersection of security, cloud infrastructure, and regulatory operations</strong>.</p> <p>This role acts as the <strong>operational right hand of the Luxembourg Head of IT</strong>, with daily exposure to global AWS, security, and blockchain-focused teams. You will be directly involved in ensuring that systems remain <strong>secure, available, and resilient</strong>, while supporting a regulated fintech environment that is scaling toward production.</p> <p>This is <strong>not a traditional IT support role</strong>. It is a <strong>hybrid Security Operations / Infrastructure / IT Control position</strong>, designed for someone who wants real ownership, technical exposure, and impact. The role combines hands-on operational responsibilities with the opportunity to grow into a broader security and infrastructure leadership position as the platform evolves.</p> <p>If you are looking for a role where <strong>mindset, curiosity, and responsibility matter as much as technical skills</strong>, and where you can help shape the foundations of a regulated fintech backed by Stripe, this position offers a rare opportunity.</p> <h2><strong>Key Responsibilities: </strong></h2> <h3><strong>1. Security Operations & IT Control</strong></h3> <ul> <li>Day-to-day management of Identity & Access Management (IAM)</li> <li>Enforcement of the <strong>Need-to-Know</strong> principle</li> <li>Supervision of user access lifecycle (joiners / movers / leavers)</li> <li>Oversight of confidentiality, integrity, and availability (CIA)</li> <li>Active participation in security incident management</li> <li>Preparation of technical inputs for CSSF notifications (via Head of IT)</li> </ul> <h3><strong>2. Infrastructure & Cloud Operations </strong></h3> <ul> <li>Daily interaction with global AWS teams</li> <li>Understanding of cloud architectures (AWS-centric)</li> <li>Monitoring system availability and resilience</li> <li>Incident triggering, tracking, escalation, and follow-up</li> <li>Contribution to Business Continuity and Disaster Recovery testing (BCP / DR)</li> </ul> <h3><strong>3. Corporate Systems Management </strong></h3> <ul> <li>Google Workspace administration</li> <li>Management of collaboration tools (Notion, Slack)</li> <li>Oversight of Data Loss Prevention (DLP) controls</li> <li>Local IT support (non-first-line)</li> </ul> <h3><strong>4. Vendor & Outsourcing Oversight </strong></h3> <ul> <li>Operational follow-up of IT service providers</li> <li>Contribution to SLA and KPI monitoring</li> <li>Support to the Outsourcing Manager function</li> </ul> <h3><strong>5. Device & Asset Management </strong></h3> <ul> <li>Endpoint security and MDM management</li> <li>Asset tracking and lifecycle management</li ... (truncated, view full listing at source)