Cybersecurity Risk & Compliance Specialist

Our client is looking to recruit new team members for the cyber security office in Portugal.

Client Details

Our client has over 400,000 employees worldwide, operating in 60 countries, and takes pride in making an impact on people's lives and working towards a more sustainable future.

Description

• Conduct cybersecurity risk assessments to identify potential threats, vulnerabilities, and impacts.
• Develop and implement risk mitigation strategies and recommend security controls.
• Maintain the organization's risk register and ensure risks are regularly reviewed and updated.
• Ensure adherence to industry standards (e.g., ISO 27001, NIST, GDPR).
• Monitor regulatory changes and assess their impact on the organization's cybersecurity posture.
• Prepare and facilitate audits, both internal and external, and address any findings or gaps.
• Assess and manage cybersecurity risks associated with third-party vendors and partners.
• Review and validate vendor security assessments, certifications, and contractual obligations.
• Support incident response efforts by ensuring compliance with policies and regulatory requirements.
• Document lessons learned and recommended updates to processes and controls.

Profile

• At least 5+ years of experience in Cybersecurity, Information Technology, Risk Management, or related field.
• In-depth knowledge of cybersecurity principles, risk management practices, and compliance frameworks.
• Strong analytical and problem-solving skills to assess risks and develop mitigation strategies.
• Familiarity with tools for compliance management, risk assessment, and security monitoring.
• Ability to work collaboratively in a team and adapt to a dynamic environment.
• Excellent communication skills, with the ability to collaborate effectively across technical, business, and executive teams.
• Strong leadership and mentoring capabilities in guiding junior resources and providing strategic direction.
• Strong problem-solving skills and the ability to handle complex challenges in a dynamic environment.
• Experience with regulatory frameworks and standards such as ISO 27001, NIST, GDPR.
• Knowledge of security tools such as SIEM, vulnerability scanners, and GRC platforms.
• Experience with third-party risk management and vendor assessments.
• Understanding of data privacy regulations and their application in a business context.

Job Offer

A good career opportunity.

Candidate-se através do website