At Hexa Consulting, we want to spread transparency and enable diverse tech careers. Based in Portugal, we can answer the increasing demand in the IT sector.

Our mission is to build strong relationships, be a leading partner through a differentiated approach in IT consulting, and contribute to the professional and personal development of our team.

We work with Nearshore projects, TM & Project Development, Service & Service Management, and Tech Academies.

Hexa Consulting is looking for a Cybersecurity GRC Consultant with expertise in DORA to join our team and support governance, risk, and compliance initiatives for our clients.

🔍 What we're looking for:

• 3+ years of experience in Cybersecurity GRC, Information Security, Risk Management or Compliance
• Strong knowledge of DORA regulation and its impact on ICT risk management, incident reporting, third-party risk, and operational resilience
• Experience conducting gap assessments, risk analysis, and compliance reviews aligned with regulatory frameworks (DORA, NIS2, ISO 27001, etc.)
• Ability to support the implementation of controls, policies, and procedures to ensure regulatory alignment
• Experience in risk registers, risk treatment plans, internal audits, and reporting to stakeholders
• Understanding of security governance structures, control frameworks, and cybersecurity best practices
• Ability to collaborate with both technical and non-technical teams (legal, IT, ops, audit)
• Experience in highly regulated environments (e.g., financial services, insurance, critical infrastructure) is a plus
• Fluency in Portuguese and English

📍 Location:

Lisbon

🎯 Why Hexa Consulting?

• Friendly and fast-paced culture
• Work on strategic compliance and risk initiatives for our clients
• Transparent communication and support from our team
• Competitive compensation package

🔐 Ready to help organizations strengthen their cyber resilience and comply with DORA?

Send us your CV and let’s talk!