IT RISK ANALYST (HYBRID PORTO)
Portuguese
company hires for hybrid position
Location: Porto, Portugal
Start Date: ASAP
Language
Requirements: Fluent English (C1 level) | French appreciated
Seniority:
6+ years (must be reflected in your CV)
Instructions:
Please send your CVs in English and make sure to include all skills and
experience that match the requirements of the opportunity. This will
significantly increase your chances of success
_______________________________________________________________
About the Role:
We are looking for a skilled IT Risk Analyst to join our team and
actively contribute to cyber risk management, cloud security assessments,
and governance. You will play a critical role in challenging existing
risk assessments, monitoring remediation plans, and improving cloud risk
reporting to strengthen the organization's cybersecurity posture.
Key Responsibilities:
1. Challenge Existing Cyber Risk
Assessments
* Review and analyze risk assessments
based on ISO 27005 / EBIOS Risk Manager.
* Track and challenge remediation plans
implemented by service providers or business entities.
* Actively contribute to risk assessments for
cloud platforms and applications.
* Lead risk assessments following ISO 27005 /
EBIOS methodologies (ideal).
2. Cloud Cybersecurity Risk
Cartography
* Monitor data quality and comprehensiveness
in the Cloud Register and Cloud Risks Register using ServiceNow.
* Develop and improve risk reporting
templates (ServiceNow or external tools such as Tableau).
* Provide periodic cloud risk reporting.
* Participate actively in quarterly cloud
risk committees.
3. Additional Activities
* Contribute to cloud third-party onboarding
studies (risk assessment, case study reviews).
* Support miscellaneous governance and
organizational tasks related to the team.
Technical Skills (must-have in
your CV):
* Risk management methodologies: ISO 27005 and/or EBIOS
Risk Manager – Expert
* ServiceNow (or similar risk management tools) – Expert
* Cloud principles and security – Experienced (appreciated)
* Certifications in ISO 27005 Risk Manager
and/or EBIOS Risk Manager – a plus
Language Skills:
* English – Mastery (mandatory)
* French – Practical knowledge appreciated
Soft Skills:
* Strong collaboration and teamwork abilities
* Excellent written and verbal communication
skills
* Ability to challenge processes and
influence stakeholders
Why Join Us?
* Play a key role in shaping the
organization's cyber risk strategy.
* Work with cloud technologies and risk
management frameworks.
* Contribute to continuous improvement of
cybersecurity governance.
Important: Only
candidates meeting all mandatory technical and language requirements
should apply. Ensure your CV clearly demonstrates your experience in ISO
27005/EBIOS Risk Manager methodologies, cloud risk assessments, and ServiceNow
usage.
#CI