Information Security Officer (Governance, Risk and Compliance)
Dellent is a consulting company focused on System Information and Telecommunications. Our goal is to help our candidates and consultants to take a step forward in their careers through projects that meet their needs and expectations. In this project, you’ll be in contact with the European stock market area. Despite our development center being located in Porto and all administrative support in Lisbon, you will be part of a multicultural team that is spread across several European cities.
We are seeking an Information Security Officer (Governance, Risk and Compliance) to join our team in Porto (hybrid model).
Key Activities:
1. Assisting with the implementation and maintenance of the Information Security Programme;
2. Assisting with efforts to align internal security practices with industry best practices and security frameworks commensurate with strategy and the expectations of our clients and regulators;
3. Timely and accurate reporting of the current state of all assigned projects/initiatives;
4. Keeping track of policy and standards exceptions and the risks aligned to them;
5. Keeping abreast of new risks and trends in the threat landscape that may need to be addressed within information security policies, procedures, and standards;
6. Exhibiting a broad knowledge of security compliance and auditing frameworks and applying those to formulate policies, procedures, and standards;
7. The delivery of ongoing security awareness and training through various tools and workshops;
8. Ownership and oversight of all controls owned by InfoSec, including the approval point for all change efforts that might impact any such controls.
Required Skills:
1. 2+ years’ experience in a specific Information Security role (e.g., related ISO 27001 consultant/projects);
2. Experience within the financial sector will be a considerable benefit;
3. Past/proven experience working in a team;
4. Established background in Information Security Risks processes and in IT/Information Security Audit;
5. Strong background and knowledge of working with and implementing international security standards and frameworks, such as: ISO 27001, ISO 27002, ISO 27005, NIST, Cobit 5, etc.;
6. Ability to deliver security education and awareness training sessions and material;
7. Excellent written/verbal communication skills and organisational skills;
8. Must be able to work well under pressure, prioritise workload appropriately, and work well alone or as part of a team;
9. Ability to adjust to changing priorities while multitasking effectively and to articulate complex security and privacy concepts to business users;
10. Ability to communicate with clients in a professional manner;
11. Working/technical knowledge of IT infrastructure and security specific controls;
12. Security industry certifications are considered a plus, e.g., CISA, CISM, CRISC, CGEIT, Cobit 5, ISO 27001 or other security/ISO related certifications.
We Offer:
1. Integration in a dynamic, experienced, and friendly team;
2. Technical, behavioral, and linguistics training opportunities;
3. Career development.
If the above sounds like the right job opportunity for you, do not hesitate to apply here.
#J-18808-Ljbffr