Cybersecurity Consulting

With over a decade's experience in the market, Human Profiler is a consultancy specialised in IT Outsourcing and qualified Recruitment & Selection processes. We act with total flexibility, adapting to the needs of our clients and partners. We are looking for a Cybersecurity Consulting to join our team.

Main responsibilities:

•Third-Party (TP) Cybersecurity Assessments and Mitigation Controls

- Evaluate the cybersecurity posture of our new and existing third-party vendors.

- Identify potential risks associated with third-party access and data handling.

- Review vendor compliance with relevant regulations and standards.

- Develop and recommend mitigation controls to address identified TP risks.

- Enhance the configuration of the client TPRM tool to address mandatory requirements.

- Assist in implementing TP controls and monitoring mechanisms.

- Provide guidance on best practices for third-party risk management.

- Deliver detailed reports outlining TPRM findings, risk levels, and remediation plans.

•Security controls maturity Assessments (CIS, ISO)

-Perform a gap analysis and maturity evaluations against the CIS Controls and ISO 27001, 22301.

- Assess existing InfoSec security policies, standards and procedures and actual implementations.

- Identify gaps, areas of non-compliance, weakness and opportunities for improvement within our security environment.

- Evaluate potential threats and vulnerabilities to critical assets to support identifying the priority of the maturity controls enhancements (prioritize controls based on likelihood and cyber impact)

- Provide actionable recommendations to address identified gaps.

- Develop a roadmap for achieving compliance with CIS and ISO controls improvements.

- Register identified gaps, recommendations, ETAs, to enhance security in the Client dedicated tracking platform.

- Suggest maturity improvements to align with industry best practices.

Job Requirements:

• Proven track record of conducting third-party risk assessments and security assessments based on CIS and ISO 27000 family.

• Excellent communication and collaboration abilities.

• Strong analytical and problem-solving skills.

• Good level of written and spoken English.

• Understanding of Cyber Security concepts and areas.

• Location Porto

• Hybrid System (3 times a week in the office)

•Desirable Certifications:

- Relevant certifications (e.g., CISSP, CISA, CISM, CRISC, OneTrust certs., other TPRM cert.).

- Organizational certifications or partnerships with recognized cybersecurity entities.

What we offer:

•Dynamic project for a nationally/internationally recognised client

•Competitive salary according to proven experience

•Career development opportunities in challenging technological projects

•Integration in a dynamic and diverse team

•Personalised support

•Continuous training

•Health insurance

•Corporate events and team buildings

•Exclusive benefits through our network of partnerships (health, well-being, travel, gastronomy, culture, leisure, training, etc).

Recruitment, selection, and integration process:

The process begins with a phone or videoconference call. We guarantee full support during the integration process to support the career development of our new employees.