About Us

Lùkla is specialized in IT, digital transformation, and risk management. We collaborate with leading international organizations to strengthen their technology, governance, and cybersecurity capabilities. Our mission is to connect top talent with impactful projects that shape the future of secure and sustainable digital ecosystems.

About the Role

We are looking for an experienced Cybersecurity Auditor to join a leading international financial group’s IT division, contributing to the continuous improvement of cybersecurity and risk management practices across multiple global entities.

This position is part of a Cybersecurity & Digital Assurance team that brings together specialists in Data Loss Prevention (DLP), Penetration Testing, Vulnerability Management, and Red Teaming. The auditor function is to strengthen global security and compliance oversight.

You will play a key role in conducting cybersecurity assessments for both internal entities and third parties, ensuring the effectiveness of security controls and compliance with international regulations and standards.

The position can be based in Lisbon or Porto (hybrid model).

Main Responsibilities

• Conduct cybersecurity audits and assessments of internal subsidiaries and third-party providers, based on corporate policies and regulatory frameworks.
• Identify security risks, vulnerabilities, and control gaps, and provide actionable recommendations for remediation.
• Evaluate third-party providers, including major cloud service platforms (e.g., Microsoft 365, AWS, Worldline), ensuring compliance with internal and industry standards.
• Prepare and deliver detailed audit reports with clear findings and recommendations to management teams.
• Collaborate with cross-functional stakeholders to strengthen governance and implement corrective measures.
• Stay current on emerging cybersecurity threats, technologies, and regulatory changes to support continuous improvement of audit methodologies.

Technical Expertise

• Strong background in IT Risk and Cybersecurity (expert level).
• Solid knowledge of audit methodologies and risk-based auditing approaches.
• Experience in risk assessment, outsourcing, and third-party risk management.
• Practical understanding of data protection regulations and compliance frameworks (e.g., GDPR, ISO 27001/27005, NIST CSF).
• Hands-on experience with security scans, configuration reviews, or automated control scripting.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Minimum 5 years of experience in cybersecurity auditing, preferably in the financial or regulated sector.
• Relevant certifications such as CISA, CISM, CISSP, ISO 27001/27005 are highly valued.

Languages (Mandatory)

• English: Fluent or native level
• French: Fluent or advanced level

Soft Skills

• Strong analytical and problem-solving mindset.
• Ability to communicate complex technical concepts clearly to non-technical audiences.
• Proactive and critical thinker with attention to detail.
• Capable of leading meetings and engaging stakeholders at all levels.
• Comfortable working in an international and multicultural environment.
• Willingness to travel (mostly within Europe, with occasional global assignments).

Why Join Us

You’ll be part of an international cybersecurity hub that supports a global network of business entities, combining technical depth, strategic vision, and real-world impact. This is an opportunity to shape and reinforce the cybersecurity maturity of a major organization operating worldwide.