Security & Privacy Analyst

Global Citizen Solutions is an international consulting firm Portugal-based, focused on Global Mobility and second citizenship solutions. Our core business is advisory and support individuals and families to gain more freedom and flexibility through global mobility, investment opportunities, and tailored citizenship programs.

We are seeking a highly motivated and detail-oriented Security & Privacy Analyst to join our IT team. This position requires a deep understanding of information security and privacy regulations, such as ISO 27001 or SOC2 and GDPR.

Security Monitoring & Incident Response:

- Conduct regular security assessments to identify vulnerabilities in systems and networks.
- Assist in the detection, investigation, and resolution of security incidents.
- Monitor security events and alerting systems for potential threats.
- Work with cross-functional teams to address and mitigate risks in real-time.

Privacy Compliance:

- Evaluate the current risk scenario and propose actions to meet compliance with data privacy laws and regulations through risk assessments and documentations.
- Maintain up-to-date knowledge of global privacy regulations and their impact on the company.
- Advise business units on privacy considerations, including data collection, processing, and storage practices.

Security & Privacy Risk Management:

- Perform risk assessments to evaluate and mitigate threats to systems and sensitive data.
- Collaborate with IT, legal and HR teams to ensure security and privacy requirements are met.
- Assist in the development of security and privacy risk mitigation plans, policies, and procedures.

Security Awareness & Training:

- Develop and implement security and privacy awareness programs for employees.
- Conduct training sessions on security best practices, data protection, and privacy obligations.
- Serve as a resource for staff regarding security and privacy-related issues.

Documentation & Reporting:

- Document security incidents, investigations, and compliance efforts as per company and industry standards.
- Provide regular security and privacy reports to management, highlighting potential risks and progress on remediation efforts.

Collaboration & Communication:

- Work closely with internal stakeholders to assess and address security and privacy needs.
- Liaise with external vendors and third parties to ensure they meet the company's security and privacy requirements.
- Bachelor's degree in Information Security, Information Technology, Cybersecurity, or a related field. Relevant certifications (e.g., CISSP, CISM, CISA, CIPP, ISSO 27001) are a plus.
- 2-4 years of experience in information security, privacy, or risk management.
- Familiarity with security and privacy frameworks (ISO 27001, NIST, SOC 2, etc.).
- Experience with tools for vulnerability scanning, security monitoring, and incident response.
- Knowledge of cloud security practices and privacy concerns in cloud environments.
- Strong understanding of data protection regulations, industry standards, and frameworks.
- Ability to analyze and mitigate security risks across various systems and environments.
- Excellent written and verbal communication skills to effectively communicate security and privacy concerns.
- Strong attention to detail and ability to work under pressure in a dynamic environment.
- Knowledge of data encryption, authentication mechanisms, and firewalls.

Preferred Qualifications:

- Experience working in the service industry, particularly in client-facing roles.
- Familiarity with privacy tools and data loss prevention (DLP) technologies.
- Knowledge of incident response and business continuity planning.
- Competitive compensation in accordance with experience but above current market average.
- Join a network of professionals in a multinational environment working with cross-country programs and solutions.
- Fast-paced, highly structured and dynamic business environment.
- Training and support for personal and professional development.
- Flexibility in the rendering of services applies, provided deliverables and deadlines are met.
- Opportunities to grow your career in a new and expanding field.