Match Profiler is an Information Systems consultant who has been working in the national and international market since ****.
We have multidisciplinary skills and IT know-how that allow us to contribute, optimize and progress with our clients.
We are currently recruiting, for integration in our internal team/client, professionals with the following profile:
IT Security Specialist GRC - Hybrid (Porto - 2 days/week)
Hard skills
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related
3+ years of experience in Information Security GRC
Strong knowledge of security frameworks (e.g., ISO *****, ISO*****, NIST, IEC *****)
Familiarity with regulatory requirements such as GDPR, NIS2, etc.
Experience with risk management tools, compliance platforms, and security monitoring solutions
Experience conducting security audits and risk assessments
Understanding of IT security principles, cloud security, and network security
Availability to travel, mainly in Europe
Fluent in English
Responsibilities
Assist the ISO in implementing the information and cyber security strategy and program
Support the development and implementation of a risk management methodology aligned with the company's strategy and policies
Ensure alignment between information and cyber security risk management and the company risk management framework
Provide guidance and support on information and cyber security risk management activities
Assess the effectiveness of security controls in IT and OT environments
Monitor information and cyber security risks by evaluating control implementation, asset vulnerabilities, threat landscapes, and security incidents
Report risk trends to Risk Owners and other relevant committees
Develop and maintain security documentation, including standards, processes, procedures, guidelines, contractual clauses, and control catalogs
Design and maintain a unified IT and OT security architecture aligned with the overall security strategy
Establish a security architecture repository: principles, terminology, security services, control frameworks, and reference models
Support first-line teams in identifying and addressing cyber security risks and requirements in new products, projects, processes, and services
Develop and implement security education, training, and awareness programs to foster security-conscious behaviors across IT and OT environments
Provide evidence of risk oversight and control implementation for internal and external audits
Communicate the status and progress of the security program to key stakeholders
Monitor compliance with security architecture and standards
Collect and analyze key performance and effectiveness metrics to support decision-making and inform the ISO
Soft skills
Good communication
Team spirit
Proactivity
Time management
What we can offer
Personalized support from your team
Your manager will take into consideration your motivations and suggestions
Victories will be celebrated together
Your HR and Support Teams will always be available to help
Constant feedback on your work
A network of hundreds of partnerships with companies from numerous sectors that offer you exclusive discounts (health, well-being, travel, gastronomy, culture, leisure, training, etc.)
And, of course, many gatherings and social events