2 days ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.
IT RISK ANALYST (HYBRID PORTO)
Portuguese company hires for a hybrid position.
Location: Porto, Portugal.
Start Date: ASAP.
Language Requirements: Fluent English (C1 level). French appreciated.
Seniority: 6+ years (must be reflected in your CV).
Instructions: Please send your CV in English and include all skills and experience that match the requirements of the opportunity.
About the Role
We are looking for a skilled IT Risk Analyst to join our team and actively contribute to cyber risk management, cloud security assessments, and governance. You will play a critical role in challenging existing risk assessments, monitoring remediation plans, and improving cloud risk reporting to strengthen the organization's cybersecurity posture.
Key Responsibilities
- Challenge Existing Cyber Risk Assessments
- Review and analyze risk assessments based on ISO 27005 / EBIOS Risk Manager.
- Track and challenge remediation plans implemented by service providers or business entities.
- Actively contribute to risk assessments for cloud platforms and applications.
- Lead risk assessments following ISO 27005 / EBIOS methodologies (ideal).
- Cloud Cybersecurity Risk Cartography
- Monitor data quality and comprehensiveness in the Cloud Register and Cloud Risks Register using ServiceNow.
- Develop and improve risk reporting templates (ServiceNow or external tools such as Tableau).
- Provide periodic cloud risk reporting.
- Participate actively in quarterly cloud risk committees.
- Contribute to cloud third‑party onboarding studies (risk assessment, case study reviews).
- Support miscellaneous governance and organizational tasks related to the team.
Technical Skills (must‐have)
- Risk management methodologies: ISO 27005 and/or EBIOS Risk Manager – Expert
- ServiceNow (or similar risk management tools) – Expert
- Cloud principles and security – Experienced (appreciated)
- Certifications in ISO 27005 Risk Manager and/or EBIOS Risk Manager – a plus
Language Skills
- English – Mastery (mandatory)
- French – Practical knowledge appreciated
Soft Skills
- Strong collaboration and teamwork abilities
- Excellent written and verbal communication skills
- Ability to challenge processes and influence stakeholders
Why Join Us
- Play a key role in shaping the organization's cyber risk strategy.
- Work with cloud technologies and risk management frameworks.
- Contribute to continuous improvement of cybersecurity governance.
Important: Only candidates meeting all mandatory technical and language requirements should apply. Ensure your CV clearly demonstrates your experience in ISO 27005/EBIOS Risk Manager methodologies, cloud risk assessments, and ServiceNow usage.
#J-18808-Ljbffr