It Risk Analyst Porto

It Risk Analyst
Porto
Porto, Porto District, Portugal

Decskill, founded in 2014 as an IT Consulting Company, places paramount importance on its greatest asset:

its people. Our main mission is to deliver value through knowledge and talent, and we achieve this by fostering a culture of excellence and investing in the development and
- being of our people. With over 600 dedicated professionals and offices in Lisbon, Porto, Madrid, and Luxembourg, Decskill operates across three core areas:

• DECSKILL TALENT :
  
  We believe that our people are key to our success. Through Decskill Talent, we empower our team to embrace the digital transformation challenges of our clients. We collaborate with clients to drive innovation, ensuring project success and business growth.
• DECSKILL BOOST :
  
  Equipping our team with the latest tools and methodologies, we optimize Time-to-Market and deliver innovative solutions exceeding client expectations.
• DECSKILL CONNECT :
  
  Our team collaborates closely with clients to implement and manage IT infrastructures that generate
  - term value.

At Decskill, we believe that by nurturing and empowering our people to confront the challenges of digital transformation, we create value not only for our clients but also for our entire ecosystem, fostering a digital community dedicated to growth and progress.

We are looking for an IT Risk Analyst !

Mission:

1. Challenge existing cyber Risk assessments

• Understand risk assessments already produced (based on ISO 27005/EBIOS Risk Manager) and impacts of remediations plans progresses on risks.
• Skills to follow up/challenge remediation plans implemented by service providers or entities.
• Contribute actively in risk assessments of cloud platforms and cloud applications.
• Ideally, skills to lead risk assessments following on ISO 27005/EBIOS Risk Manager methods.

2. Check & challenge cloud cybersecurity risk cartography

• Follow-up data quality and comprehensiveness in cloud assets referential (Cloud Register) and cloud risks referential (cloud risks in the Risk Register) in Service
  Now tooling.
• Build, improve and provide risk reportings templates using Service
  Now or an external tool (such as Tableau).
• Provide periodic cloud risk reportings.
• Active role in the preparation of quarterly cloud risk committees.

3. Other activities

• Contribute in (cloud) third parties onboarding studies (risk assessment, review of cases studies, …).
• Contribute to miscellaneous governance/organization topics related to the team.

Responsabilities:

• Understand risk assessments already produced (based on ISO 27005/EBIOS Risk Manager) and impacts of remediations plans progresses on risks.
• Contribute actively in risk assessments of cloud platforms and cloud applications.
• Skills to follow up/challenge remediation plans implemented by service providers or entities.
• Follow-up data quality and comprehensiveness in cloud assets referential (Cloud Register) and cloud risks referential (cloud risks in the Risk Register) in Service
  Now tooling
• Contribute in (cloud) third parties onboarding studies (risk assessment, review of cases studies, …).

Requirements :

• Risk management methodologies skills based on ISO 27005 and/or EBIOS Risk Manager (certification ISO 27005 Risk Manager and/or EBIOS Risk Manager appreciated).
• Knowledge of a risk management tool such as Service
  Now.
• Knowledge on Cloud principles would be appreciated.
• Good level of english.

If you’re interested in this job, please send your CV to with reference “CA/ITRIsk".

Thank You!