Cybersecurity Analyst - Hybrid Remote - Lisbon

Boost IT is a Portuguese technology consultancy company, we are integrated into one of the most entrepreneurial groups in Portugal, with investment in more than 30 companies.

We want to be known for being the most dynamic, energetic and reliable company to operate in the market and, for that, we want to count on you.

If you're passionate about technology and want to work on the most relevant technology projects, then this ad could be for you!

Boost IT. Doing IT. Better

● Risk Management and Compliance: ○ Identify, assess and monitor cybersecurity and compliance risks.

○ Ensure implementation and compliance with applicable standards and regulations (e.g. GDPR, ISO 27001, NIST CSF, NIS2).

○ Support internal and external audits, ensuring adequate preparation and response to security findings.

● Security Policies and Processes: ○ Develop and maintain GRC policies, standards and frameworks aligned with market best practices.

○ Collaborate with internal teams to ensure effective implementation of security controls.

○ Conduct periodic assessments and reviews to continually improve security practices.

● Monitoring and Reporting: ○ Define and track risk and compliance KPIs and metrics.

○ Prepare reports for management on the status of security and identified risks.

○ Participate in the definition and execution of security incident response plans.

● Training and Awareness: ○ Develop and promote security and compliance awareness programs for employees.

○ Promote good practices and safe behaviors within the organization.

● Strategic Support and Collaboration: ○ Act as a strategic partner to the IT, Legal and Business teams in risk management and compliance.

○ Provide support in assessing supplier and third party risks.

● Minimum 3 years of experience as a Cybersecurity Analyst or in a similar role.

● Strong knowledge of process analysis, quality assurance, and audit preparation.

● Hands-on experience with international standards such as ISO 27001, GDPR, NIST CSF, and NIS2.

● Experience implementing and maintaining compliance frameworks.

● Excellent communication and documentation skills.

● Proven ability to manage multiple priorities and interact with diverse teams.

● Fluency in English is essential (spoken and written).

● Relevant certifications (e.g., ISO 27001 Lead Implementer, CISA, CISSP, or similar) are a plus.