Cybersecurity - Senior Governance Risk and Compliance

Lisboa, Remote, Hybrid


Ref. 2022/1260


We are looking for a Cybersecurity - Senior Governance Risk and Compliance professional for our team.

The opportunity
We are looking for a Governance, Risk and Compliance (GRC) Specialist to join our Cyber Security consulting team. In this role, you will have the chance to work in engagement teams serving our clients by providing independent assessments or implementing cyber and governance solutions that mitigate their risks and improve their compliance.

Your key responsibilities

  • Be part of the definition, development and implementation of Information Security, risk analysis, business continuity and/or data protection projects;
  • Perform information security risk assessments, business impact assessments (BIA) and data protection assessments (DPIA);
  • Conduct Information Security compliance and maturity assessments using international standards and best practices from various industries;
  • Identification, analysis and implementation of Information Security processes and controls (e.g. access management, incident management, business continuity);
  • Management of compliance in accordance with international standards (e.g. ISO/IEC 27001, ISO/IEC 22301, PCI-DSS, COBIT, GDPR, ITIL);
  • Information security risk analysis based on best practices (e.g. NIST, ISO/IEC 31000, ISO/IEC 27005);
  • Business continuity management based on best practices (e.g. ISO/IEC 22301);
  • Produce and present reports with the results of the projects carried out;
  • Support the management of the consulting area.

Skills and attributes for success

  • Technical knowledge;
  • A strong work ethic;
  • Strong analytical and problem-solving skills;
  • Strong communication skills;
  • Flexibility and resilience;
  • Rigor and attention to detail;
  • Professional responsibility, confidentiality and integrity;
  • Efficient, innovative and team-oriented, and able to work under pressure.

To qualify for the role, you must have

  • Academic education in Computer Engineering or similar fields of study, preferably from recognized universities;
  • At least 3 years of professional experience in GRC;
  • Relevant knowledge of international risk and cyber standards and good practices;
  • Background in a consulting environment is valued;
  • Mindset oriented towards risk mitigation, internal audit and good practices;
  • Fluent written and verbal communication skills in both Portuguese and English.

Ideally, you’ll also have:

  • ISO/IEC 22301 Lead Auditor and Implementer (Business Continuity Management) certification;
  • ISO/IEC 27001 Lead Auditor and Implementer (Security Information Management) certification;
  • ISACA – Certified Information Systems Auditor (CISA) certification;
  • ISACA – Certified in Risk and Information Systems Control (CRISC) certification.

What we look for:
Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.
