CyberProgram Analyst Porto

CyberProgram Analyst
Porto
Porto, Porto District, Portugal

You want to join a company that places people at the heart of its concerns? We are waiting for you at
Extia

Extia is an engineering consultancy which proposes since 2007 an unprecedented approach in its sector by combining
- being and performance at work. A successful model: more than 3000 Extians working in 22 agencies in France and abroad, 1st Great Place To Work in France, 160 millions of euros of turnover and plenty of energy

At Extia, it's "First who, then what" so, let's do it

First who

Soft Skills

• Ability to work transversally across teams and countries.
• Collaboration and stakeholder management.
• Attention to detail, structured approach, and consistency in evaluation.
• Problem-solving and process improvement mindset.

Then what

About The Role
We are running a
- scale Cybersecurity Transformation Program designed to strengthen compliance, mitigate cyber risks, and raise the overall security posture of the organization. To support this effort, we are looking for motivated professionals to join our Cybersecurity Program Evaluation Team.

This is a unique opportunity to gain exposure across all cybersecurity domains (30+ topics), interact with experts and stakeholders worldwide, and build a strong foundation for your career growth towards roles such as CISO, Program Manager, or Cybersecurity Specialist.

What You'll Do

• Deploy the maturity evaluation process for the entities under your scope.
• Guide local teams in understanding requirements and preparing compliance evidence.
• Assess submitted evidence and ensure alignment with evaluations across other entities.
• Communicate program updates and changes to stakeholders.
• Facilitate collaboration between central IT providers and local entities.
• Document and report assessment results for program governance.
• Contribute to internal projects to enhance the evaluation methodology and tools.

Skills & Knowledge We're Looking For

• Broad understanding of cybersecurity and IT risk management.
• Familiarity with at least one security framework (NIST, ISO 27001, or equivalent).
• Awareness of regulatory requirements affecting IT and cybersecurity (e. g. , DORA, GDPR).
• Strong analytical, communication, and documentation skills.
• Technical (Appreciated, Not Mandatory)
• IT Continuity & Backup Management (including regulatory resilience requirements).
• Cryptography (certificate and key management, CKMS).
• Network Security (segmentation, hardening, architecture best practices).