Full-remote Governance, Risk & Compliance (GRC) Consultant
- Lisboa
- Permanente
- Horário completo
- Assess clients' cybersecurity governance, risk, and compliance posture, being able to identify gaps and provide actionable recommendations;
- Conduct risk assessments, identifying vulnerabilities, and recommending mitigation strategies, assisting clients in internal and external audits by ensuring robust documentation and explanations;
- Help clients develop and update information security policies and procedures, preparing reports and presentations outlining findings, recommendations, and compliance status;
- Plan and lead national and international cybersecurity projects, managing risks, and ensuring operational control, having a collaborative mindset to work with different teams.
- Academic background in Computer Engineering, Science or similar areas;
- Minimum 03 years of experience in GRC;
- Solid understanding and practical experience with at least one major information security framework (e.g., ISO 27001, NIST CSF, COBIT);
- Strong analytical and problem-solving skills with the ability to interpret complex technical and regulatory requirements;
- Relevant certifications such as CRISC, CISM, CISA, ISO 27001 Implementer/Auditor, CISPP, ISO9001, GDPR or similar, will be a plus;
- Fluency both in Portuguese and English.