IT GRC Security Specialist
Our client is an international tech consulting company with over 25 years of experience offering solutions to support companies' businesses and digital transformation.
Responsibilities:
- Support the Information Security Officer (ISO) in rolling out the company's cybersecurity strategy and program.
- Assist in the development and deployment of a risk management framework that aligns with corporate objectives and policies.
- Ensure cybersecurity risk practices are integrated with the organization's overall risk management structure.
- Offer expert guidance on risk identification, assessment, and mitigation within both IT and OT environments.
- Evaluate the effectiveness of existing security controls across technical infrastructures.
- Continuously monitor cyber risks by assessing controls, asset vulnerabilities, threat landscapes, and security incident data.
- Provide regular updates on emerging risks and trends to risk owners and relevant governance bodies.
- Create and maintain comprehensive security documentation, including policies, processes, guidelines, contractual clauses, and control libraries.
- Design and maintain a harmonized IT/OT security architecture aligned with long-term cybersecurity goals.
- Build a centralized repository of security architecture components such as principles, terminology, service models, frameworks, and reference standards.
- Assist operational teams in identifying cybersecurity needs and risks in new services, systems, and development initiatives.
- Lead awareness and training programs to build a security-first culture across all levels of the organization.
- Supply evidence of risk oversight and control implementation for audits and compliance reviews.
- Report on the status and development of security initiatives to key business stakeholders.
- Ensure adherence to security architecture principles and standards.
- Gather and analyze performance and effectiveness indicators to inform decision-making and improve security posture.
Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a closely related field.
- Minimum of 3 years of experience in Information Security Governance, Risk, and Compliance (GRC) roles.
- Solid knowledge of security frameworks such as ISO 27001, ISO 27005, NIST, and IEC 62443.
- Familiar with relevant regulatory standards, including GDPR, NIS2, etc.
- Hands-on experience with risk management platforms, compliance tools, and security monitoring systems.
- Skilled in conducting audits, risk assessments, and control validations.
- Strong understanding of IT security fundamentals, including cloud environments and network protection.
- Willingness to travel.
Detailed information about the job offer
Company: HITO Solutions
Location: Porto, Porto District, Portugal
Published: 9. 7. 2025