Full-remote Governance, Risk & Compliance (GRC) Consultant Lisboa

Overview

We are looking for a Full-remote Governance, Risk & Compliance (GRC) Consultant to integrate directly with the team of our client – a reference company in the computer & network security sector.

Responsibilities

• Assess clients' cybersecurity governance, risk, and compliance posture, identifying gaps and providing actionable recommendations.
• Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies, assisting clients in internal and external audits by ensuring robust documentation and explanations.
• Help clients develop and update information security policies and procedures, and prepare reports and presentations outlining findings, recommendations, and compliance status.
• Plan and lead national and international cybersecurity projects, manage risks, and ensure operational control, collaborating with different teams.

Requirements

• Academic background in Computer Engineering, Science or similar areas.
• Minimum 3 years of experience in GRC.
• Solid understanding and practical experience with at least one major information security framework (e. g. , ISO 27001, NIST CSF, COBIT).
• Strong analytical and
  - solving skills with the ability to interpret complex technical and regulatory requirements.
• Relevant certifications such as CRISC, CISM, CISA, ISO 27001 Implementer/Auditor, CISPP, ISO9001, GDPR or similar; will be a plus.
• Fluency in Portuguese and English.

Additional information

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Other
• Industries: IT Services and IT Consulting