We are looking for a Senior GRC Consultant to integrate a project in Lisbon, in a hybrid model.
Profile:
- Solid experience in Information Security Consulting and ISO 27001
- Certification as Lead Auditor or Lead Implementer (ISO 27001) valorized
- Deep knowledge of Risk Management(ISO 31000)and associated methodologies
- Proven experience in regulatory compliance projects: GDPR, DORA (Digital Operational Resilience Act) and NIS2
- Ability to develop and review Security Policies, Standards and Procedures
- Ability to work autonomously and create processes where these do not yet exist
- Interest in developing new service offers and supporting the commercial growth of the area
Tasks:
Internal Aspect (Processes & Compliance):
- Design and Implementation: Map, create and implement cybersecurity and internal quality policies and procedures (often creating root processes)
- Risk Management: Streamline organizational risk analysis based on ISO 31000
- Internal Audit: Ensure ongoing compliance with ISO 27001 and prepare the organization for external audits
External Aspect (Consulting & Business):
- Specialized Consulting: Gap Analysis and implementation of compliance roadmaps for customers (GDPR, DORA, NIS2)
- Technical Pre-Sale: Support to the sales team in the design of value propositions and GRC consulting services
- Client Management: Act as a “Trusted Advisor” with the end customer, guaranteeing the delivery of projects and identifying new opportunities
- Business Development: Collaborate in defining the strategy for the creation of a future GRC Business Unit
What we have to offer:
- Salary compatible with the market and the function
- Health insurance
- Meal allowance paid by meal card
- Additional vacation days
- Work model according to the function
- Dynamic work environment and collaborative spirit
- Continuous feedback, opportunities for evolution and recognition for your work
- Exclusive benefits in health and well-being, education, catering, culture and leisure
- Talent Referral Program
- Program of Buddy