IT Security Specialist GRC - Porto, Hybrid
Join to apply for the IT Security Specialist GRC - Porto, Hybrid role at Noesis
6 days ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.
Main Tasks And Responsibilities
* Assist the ISO in implementing the information and cyber security strategy and program;
* Support the development and implementation of a risk management methodology aligned with company' strategy and policies;
* Ensure alignment between information and cyber security risk management and the company risk management framework;
* Provide guidance and support on information and cyber security risk management activities;
* Assess the effectiveness of security controls in IT and OT environments;
* Monitor information and cyber security risks by evaluating control implementation, asset vulnerabilities, threat landscapes, and security incidents;
* Report risk trends to Risk Owners and other relevant committees;
* Develop and maintain security documentation, including standards, processes, procedures, guidelines, contractual clauses, and control catalogs;
* Design and maintain a unified IT and OT security architecture aligned with the overall security strategy;
* Establish a security architecture repository: principles, terminology, security services, control frameworks, and reference models;
* Support first-line teams in identifying and addressing cyber security risks and requirements in new products, projects, processes, and services;
* Develop and implement security education, training, and awareness programs to foster security-conscious behaviors across IT and OT environments;
* Provide evidence of risk oversight and control implementation for internal and external audits;
* Communicate the status and progress of the security program to key stakeholders;
* Monitor compliance with security architecture and standards;
* Collect and analyze key performance and effectiveness metrics to support decision-making and inform the ISO.
Qualifications
Requirements:
* Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field;
* 3+ years of experience in Information Security GRC;
* Strong knowledge of security frameworks (ISO 27001, ISO27005, NIST, IEC 62443);
* Familiarity with regulatory requirements such as GDPR, NIS2, etc;
* Experience with risk management tools, compliance platforms, and security monitoring solutions;
* Experience conducting security audits and risk assessments;
* Understanding of IT security principles, cloud security, and network security;
* Fluent in English;
* Availability to travel, mainly in Europe.
Key Skills
* Challenges-driven, rigorous, strong commitment;
* Critical-thinking and problem-solving skills;
* Keen to learn;
* Comfortable working with high autonomy and as a team player;
* Capacity to handle sensitive and confidential information;
* Organized with the capacity to handle multiple projects simultaneously;
* Communication and collaboration skills to work effectively with cross-functional teams and external stakeholders, with the capacity to adapt your communication;
* Passionate about cybersecurity and staying up-to-date on the latest threats and trends.
If you meet these conditions and would like to join an innovative organization that continuously invests in training its talents, send us your application.
Join us. Let's innovate together!
All our recruitment and selection processes are based on equal opportunities, valuing the competence and potential of each person and ensuring that no candidate is discriminated on the grounds of gender, ethnicity, sexual orientation, age, religion or physical condition.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Strategic Management Services
Referrals increase your chances of interviewing at Noesis by 2x.
Get notified about new Information Technology Security Specialist jobs in Porto, Porto, Portugal.
#J-18808-Ljbffr