We are seeking a Cybersecurity Consultant with strong experience in Governance, Risk, and Compliance (GRC) to support the design, implementation, and continuous improvement of cybersecurity frameworks and management systems. The role will be a hybrid role, based in Lisbon.

Key Responsibilities:

• Conduct GRC assessments, risk analyses, and compliance gap assessments.
• Lead the implementation, maintenance, and continual improvement of ISO‑based management systems (e.g., ISO 27001 ISMS).
• Develop, update, and maintain security policies, procedures, guidelines, and risk registers.
• Support internal and external audits, including preparation for certification and audit evidence collection.
• Advise stakeholders on risk treatment options, security control selection, and remediation actions.
• Monitor compliance status, identify deviations, and drive continuous improvement initiatives.
• Ensure clear, structured, and traceable documentation of policies, processes, and compliance evidence.
• Collaborate with technical and non-technical teams to align security governance and risk management activities.

Requirements:

• A relevant degree in cybersecurity, information technology, or related fields; professional certifications (e.g., ISO 27001 Lead Implementer/Lead Auditor, CISM, CRISC) are an advantage.
• Proven experience in cybersecurity GRC and risk management.
• Hands-on experience with the implementation and auditing of ISO standards (such as ISO 27001, ISO 22301, etc.).
• Strong understanding of information security controls, governance practices, and regulatory expectations.
• Ability to effectively document policies, procedures, reports, and audit‑ready evidence.
• Excellent communication skills for engaging with diverse teams across the organization.

📩 Interested?

Apply now or send me a direct message to learn more.

We look forward to connecting with you!