Senior Security Engineer And Grc Specialist

Join to apply for the Senior Security Engineer And GRC Specialist role at emagine - Portugal.

At emagine Portugal, we believe in the power of talent to drive innovation.

As a global consulting company, we connect top professionals with some of the most exciting and technologically advanced projects across Europe.

With a strong presence in Portugal, we are committed to delivering value through expertise, collaboration, and agility.

Security Engineering: Apply secure configuration baselines and hardening across OS, databases, and cloud platforms.
Automate security processes to boost efficiency and reduce manual effort.
Support security and vulnerability assessments and patch implementation.
Contribute to threat hunting, root cause analysis, and incident response.

Identify and assess IT security risks; design and monitor mitigation strategies.
Define and enforce security policies, standards, and procedures.
Ensure compliance with key regulations and frameworks: NIS2, GDPR, ISO 27001, NIST, IEC 62443, Chinese cybersecurity regulations.
Perform
- party risk assessments.
Support implementation of business continuity and incident response plans.

Act as a trusted advisor to internal teams on security best practices.
Translate complex security concepts into actionable guidance for both technical and
- technical audiences.

Bachelor's degree in Information Security, Computer Science, or related field.
8–12 years of experience in cybersecurity, with both GRC and
- on engineering background.
Strong understanding of NIS2, GDPR, ISO 27001, NIST, and Chinese data/cybersecurity regulations.
Working knowledge of Azure, AWS, or OCI cloud security services.
Experience with tools like SIEM, EDR, vulnerability scanners, and
- native security controls.
Solid grasp of IAM concepts (SSO, MFA, PAM, access reviews).
Familiarity with GRC tools, risk assessments, and data protection best practices.
Certifications such as CISSP, CRISC, CISA, or ISO/IEC 27001 Lead Auditor are a strong plus.