Cybersecurity & GRC Specialist

Adyta is reinforcing its cybersecurity services capabilities to respond to the growing demand for governance, compliance and security assurance services in critical and high-trust environments.

Based at UPTEC, in Porto, Adyta develops secure communications technologies and delivers cybersecurity services for organizations where security, privacy and resilience are critical requirements. Alongside its cybersecurity services activity, Adyta participates in European and national R&D and defence-related projects focused on secure communications, digital sovereignty and next-generation cybersecurity technologies.

We are looking for a cybersecurity professional with strong governance, risk and compliance capabilities, combined with a pragmatic mindset and the ambition to help evolve and strengthen a modern cybersecurity services practice.

• Contribute to cybersecurity governance, risk and compliance projects
• Participate in security assessments, audits and certification readiness initiatives
• Support organizations in addressing regulatory and cybersecurity requirements, including NIS2-related challenges
• Contribute to the evolution and structuring of Adyta’s cybersecurity services portfolio
• Work closely with technical teams involved in offensive security and assurance activities
• Support the preparation of technical and commercial proposals
• Engage with clients operating in regulated and high-trust sectors
• Help identify emerging cybersecurity service opportunities aligned with market evolution

• Proven experience in cybersecurity governance, risk and compliance (GRC)
• Experience with ISO 27001 implementation, auditing or certification readiness processes
• Familiarity with cybersecurity regulatory and compliance frameworks
• Experience participating in cybersecurity audits, assessments or risk analysis activities
• Professional experience in cybersecurity consulting or cybersecurity services environments
• Ability to communicate clearly with technical and non-technical stakeholders
• Strong written and verbal communication skills in Portuguese and English

• Governance, Risk & Compliance (GRC)
• Information Security Management Systems (ISMS)
• Risk assessment and mitigation methodologies
• Security policies and procedures
• Compliance and audit preparation
• Cybersecurity best practices and security assurance concepts
• Understanding of offensive security / penetration testing concepts and workflows

• Experience with NIS2-related projects or compliance initiatives
• Experience in regulated or critical sectors
• Certifications such as:
• ISO 27001 Lead Implementer
• ISO 27001 Lead Auditor
• CISSP
• CRISC
• Experience supporting presales or proposal preparation
• Interest in cybersecurity strategy and service development

• Pragmatism and execution capacity
• Ownership and accountability
• Curiosity and continuous learning
• Ability to adapt in a fast-moving environment
• Ambition to help build and improve cybersecurity services with real impact

• Opportunity to work on meaningful cybersecurity and secure communications challenges
• Exposure to high-trust, critical and innovation-driven environments
• Close collaboration with experienced technical and strategic teams
• Participation in an ambitious and growing cybersecurity company
• Hybrid work model
• Office at UPTEC – University of Porto Science and Technology Park
• Competitive compensation package aligned with experience and profile, with salary range up to €50,000 gross/year.

📍 Porto (Hybrid)

🕒 Full-time