GRC Cybersecurity Analyst

Join to apply for the GRC Cybersecurity Analyst role at emagine

Join to apply for the GRC Cybersecurity Analyst role at emagine

Introduction & Summary

The role of the GRC Cybersecurity Analyst is to ensure the structuring, monitoring, and continuous improvement of Governance, Risk, and Compliance (GRC) practices in the company, ensuring compliance with regulations, internal standards, and industry best practices. This position plays a strategic role in mitigating risks, protecting the organization's assets, and promoting a culture of security and compliance.

Introduction & Summary

The role of the GRC Cybersecurity Analyst is to ensure the structuring, monitoring, and continuous improvement of Governance, Risk, and Compliance (GRC) practices in the company, ensuring compliance with regulations, internal standards, and industry best practices. This position plays a strategic role in mitigating risks, protecting the organization's assets, and promoting a culture of security and compliance.

Main Responsibilities

The GRC Cybersecurity Analyst is responsible for overseeing risk management and compliance across various dimensions of the organization.

- Identify, assess and monitor cybersecurity and compliance risks.
- Ensure implementation and compliance with applicable standards and regulations (e.g. GDPR, ISO 27001, NIST CSF, NIS2).
- Support internal and external audits, ensuring adequate preparation and response to security findings.
- Develop and maintain GRC policies, standards, and frameworks aligned with market best practices.
- Collaborate with internal teams to ensure effective implementation of security controls.
- Conduct periodic assessments and reviews to continually improve security practices.
- Define and track risk and compliance KPIs and metrics.
- Prepare reports for management on the status of security and identified risks.
- Participate in the definition and execution of security incident response plans.
- Develop and promote security and compliance awareness programs for employees.
- Act as a strategic partner to the IT, Legal, and Business teams in risk management and compliance.
- Provide support in assessing supplier and third-party risks.

Key Requirements

- Strong knowledge of governance, risk management, and compliance in cybersecurity.
- Experience with relevant regulations and standards (e.g. GDPR, ISO 27001).
- Proficiency in risk assessment and management methodologies.
- Ability to work collaboratively with cross-functional teams.
- Excellent communication skills, both verbal and written.

Nice to Have

- Experience with security incident response and management.
- Knowledge of cybersecurity frameworks (e.g. NIST CSF, CIS Controls).
- Certification in relevant areas (e.g. CISA, CRISC, CISM).

Other Details

This position supports the organization's ongoing risk management efforts, with a focus on continuous improvement and compliance within the cybersecurity domain. Remote work options available.

Seniority level

- Seniority level

Entry level

Employment type

- Employment type

Full-time

Job function

- Job function

Information Technology
- Industries

IT Services and IT Consulting

Referrals increase your chances of interviewing at emagine by 2x

Get notified about new Cyber Security Analyst jobs in Lisbon, Lisbon, Portugal.

Network and Security (Fortinet) Engineer

Blue team Level 2 - Cybersecurity Analyst

Blue team Level 2 - Cybersecurity Analyst

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr