Main Missions Within the Cybersecurity Department of a major Luxury Group, the Security Integration in Projects (ISP) team ensures that security requirements are proactively and effectively embedded across all IT projects within the Group. The ISP acts as a key player in the cybersecurity framework in order to:Reduce exposure to cyber risksEnsure regulatory complianceEnforce internal security standardsPromote a strong Security by Design cultureThe objective of this mission is to act as a Risk Assessor within the ISP team, contributing to all activities within the scope, in close collaboration with project teams, business stakeholders, cybersecurity teams, and design functions (architecture, privacy).Main Activities Security integration from project initiation: participation in Kick-Off Meetings, project criticality assessment, identification of security stakes, and triggering of required analyses.Risk analysis and treatment: execution of Business Impact Analysis (BIA) and CATIS, identification of threat scenarios, risk evaluation (custom methodology aligned with ISO 27005 & EBIOS RM), definition and follow‐up of mitigation measures.Pentest coordination and follow‐up: planning and coordination with external providers, analysis of test reports, and monitoring of vulnerability remediation.Validation of new applications/tools: risk assessment, compliance verification against internal standards, definition of compensating controls where needed, and issuance of formal security opinions.Technical architecture challenge: security review of proposed architectures (network segmentation, IAM, encryption, APIs, logging, interconnections) and formulation of recommendations prior to production go‐live.Your Profile Confirmed to Senior Profile (minimum 4 years of experience) withstrongexpertise in cybersecurity and risk assessment activities.Technical SkillsStrong knowledge of Information Security principlesRisk analysis expertise (ISO 27005 / EBIOS RM aligned)Blue team and security control expertiseArchitecture security (on-premise and cloud environments)Application securityNetwork and Infrastructure securityVulnerability managementUnderstanding of modern IT environmentsExpertise in AI, Cloud security, payment systems security (highly appreciated)Project Environments AS400, Headless architectures, SAP, data platforms, new retail points of sale, Cloud AWS, Azure, GCP, Alibaba, Salesforce.Certifications (advantageous) CCSP, ISO27001, CISA, CRISC, CEH, CISSP, CCNA Cisco.Facultative Red team culture or experiences.Soft SkillsAbility to challenge stakeholders diplomaticallyStrong analytical and structured mindsetLeadership capabilitiesStrong synthesis and reporting skillsHigh level of autonomyProactive and solution-oriented mindsetLanguagesEnglish: mandatoryFrench: recommendedLocation & Gender Cybersecurity Consultant M/F • Évora Monte, Portuguese Republic, PT.EEO Statement We value diversity and inclusion. Every voice matters, and we encourage applications from all backgrounds. All our offers are open to people with disabilities.#J-18808-Ljbffr