Overview
We are looking for a fully remote Governance, Risk & Compliance (GRC) Consultant to integrate directly with the team of our client, a leading company in the computer and network security sector.
Responsibilities
* Assess clients' cybersecurity governance, risk, and compliance posture, identifying gaps and providing actionable recommendations.
* Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies, assisting clients in internal and external audits by ensuring robust documentation and explanations.
* Help clients develop and update information security policies and procedures, and prepare reports and presentations outlining findings, recommendations, and compliance status.
* Plan and lead national and international cybersecurity projects, manage risks, and ensure operational control, collaborating with different teams.
Requirements
* Academic background in Computer Engineering, Science or similar areas.
* Minimum 3 years of experience in GRC.
* Solid understanding and practical experience with at least one major information security framework (e.g., ISO 27001, NIST CSF, COBIT).
* Strong analytical and problem-solving skills with the ability to interpret complex technical and regulatory requirements.
* Relevant certifications such as CRISC, CISM, CISA, ISO 27001 Implementer/Auditor, CISSP, ISO 9001, GDPR or similar will be a plus.
* Fluency in Portuguese and English.
Additional information
* Seniority level: Mid-Senior level
* Employment type: Full-time
* Job function: Other
* Industries: IT Services and IT Consulting