Cybersecurity Officer – AI & Data

Location: Lisbon, Portugal (Hybrid model)

English: Advanced

At Hexa Consulting we want to spread transparency and enable diverse tech careers.

Our mission is to build strong relationships, be a leading partner through a differentiated approach in IT consulting and contribute to the professional and personal development of our team.

We work with Nearshore projects, TM & Project Development, Service Management and Tech Academies.

We’re looking for a Cybersecurity Officer – AI & Data to join our team in Lisbon!

Responsibilities:

• Contribute to the definition, drafting, and implementation of cybersecurity policies.
• Analyze security risks related to technologies, data security, identity and access management, and cloud environments.
• Assess security tools and services, evaluate their impact, and provide recommendations for risk mitigation.
• Ensure cybersecurity policies are aligned with organizational objectives and regulatory requirements.
• Collaborate with cybersecurity and IT teams across the organization.
• Support operational teams in implementing cybersecurity action plans and remediation measures.
• Develop and maintain security indicators, reporting, and dashboards for management.
• Supervise the testing and validation of internal security controls as required by the CISO or internal audit teams.
• Support the CISO in managing AI & Data cybersecurity governance activities, including committees and community coordination.

Key Activities:

• Maintain a comprehensive inventory of applications, including risk assessments, security documentation, and penetration test results.
• Support the migration of legacy application codes and associated risks (CMDB & GRC) into the ServiceNow structure linked to A3I.
• Participate in risk assessments of AI & innovation solutions developed within A3I.
• Monitor risk remediation plans and support the organization of risk committees.
• Contribute to the improvement of security governance for solutions developed within the Group.
• Review access requests submitted by A3I staff (Iwave, MyAccess, Mobisubscribe, etc.).

Requirements:

• 10+ years of experience in cybersecurity.
• Strong understanding of AI technologies, their potential, and associated security risks.
• Solid knowledge of infrastructure security and cybersecurity governance.
• Experience with IT risk management and cyber risk analysis.
• Knowledge of cybersecurity frameworks and standards such as:
• NIST Cybersecurity Framework
• ISO 27001
• EBIOS RM or other cyber risk analysis methodologies

Languages:

• English – Mandatory
• French – Professional working proficiency