Cybersecurity - Senior Governance Risk And

Would you like to make an impact in different industries with your work? Then this project is for you. Here you will have the opportunity to be part of a multicultural and inclusive team with global projection that contacts with areas such as consultancy, law, strategy, insurance, finance, among others.

We are looking for Cybersecurity - Senior Governance Risk and Compliance for our team.

The opportunity:
We are looking for a Governance, Risk and Compliance (GRC) Specialist to join our Cyber Security consulting team. In this role, you will have the chance to work in engagement teams serving our clients in providing independent assessments or implementation of cyber and governance solutions that will mitigate them risks and improve the compliance.

Your key responsibilities:
Be part of the definition, development and implementation of Information Security, risk analysis, business continuity and/or data protection projects;
Perform information security risk assessments, business impact assessments (BIA) and data protection assessments (AIPD);
Conduct Information Security compliance and maturity assessments using international standards and best practices from various industries;
Identification, analysis and implementation of Information Security processes and controls (e.g. access management, incident management, business continuity);
Management of compliance in accordance to the international standards (e.g. ISO/IEC 27001, ISO/IEC 22301, PCI-DSS, COBIT, RGPD; ITIL);
Information security risk analysis based on best practices (e.g. NIST, ISO/IEC 31000, ISO/IEC 27005);
Business continuity management based on best practices (e.g. ISO/IEC 22301);
Produce and present reports with the results of the projects carried out;
Support the management of the consulting area.

Skills and attributes for success:
Technical knowledge;
A strong work ethic;
Strong analytical and problem-solving skills;
High communication skills;
Flexibility and resilience;
Rigor and attention to detail;
Professional responsibility, confidentiality and integrity;
Efficient, innovative, team-oriented work environment and able to work under pressure.

To qualify for the role, you must have

Academic education in Computer Engineering or similar fields of study, mainly in referenced universities;
At least 3 years of professional experience in GRC;
Relevant knowledge about risk and cyber international standards and good practices;
Background in consulting environment is valued;
Mindset oriented towards risk mitigation, internal audit and good practices;
Fluent written and verbal communication skills in both Portuguese and English.

Ideally, you’ll also have:
ISO/IEC 22301 Lead Auditor e Implementer (Business Continuity Management) certification;
ISO/IEC 27001 Lead Auditor e Implementer (Security Information Management) certification;
ISACA - Certified Information Systems Auditor (CISA) certification;
ISACA - Certified in Risk and Information Systems Control (CRISC) certification.

What we look for:
Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.

Perfil Pretendido

Outras Informações

A resposta ao anúncio deve ser submetida em Português