• Provide support for the maintenance of the information security framework
• Conduct security (risk and control) assessments and advise on necessary improvements to enhance security controls and practices as needed
• Work with business units and technologists to identify (Information security) risks and support the organisation in implementing security controls to mitigate them
• Assist in determining exposure to information/cyber security/cloud security risk and resilience risk as well as evaluating readiness to mitigate them effectively
• Help articulate risk appetite concerning information/cyber security and BCCM

• Provide guidance to the organisation on information security principles, controls and control design.
• Assist and guide the organisation in the implementation of information security framework and application security principles, including secure coding, threat modelling, and security testing
• Support remediation activities to ensure that internal audit, legal and regulatory requirements are met.
• Assist the organisation in in integrating security into the various stages of Software Development Lifecycle (SDLC) and DevOps pipelines.
• Ensure that an adequate (as well as business friendly) assurance and reporting framework including evidence, KPIs and KRIs are in place

• Participate in internal and external risk assessments
• Coordinate information security assessments and mitigating measures with relevant stakeholders IT, Legal, Operations and Privacy stakeholders
• Collaborate across central and local functions to establish sustainable approaches and forge necessary alignments.

What you will need to succeed

• Bachelor’s degree in a related field.
• Minimum 3 years of experience working with information security and business continuity
• Experience in information security processes
• Understanding security pitfalls in both on-premise and cloud software development and how to avoid them.
• Understanding of tools and practices that facilitate DevSecOps approach such as automated security scanning and continuous integration/continuous deployment (CI/CD) security.
• Solid ability to translate complex security and continuity issues into business risks
• Relevant certifications ( CISM, CISA, CRISC, etc.)
• Thrive in a progressive environment and ability to prioritize and handle multiple tasks

Who we are

I am an IT Recruitment focused on permanent roles in Lisboa. I help professionals develop their careers and ensure that organizations are supported by the best talent.

In today's market, there are no limits to technological talent and no limits to the pace of change for companies. We have built a leading human network in this digital age. Our mission is to meet your aspirations in the sense of working together and successfully combining the best professionals with companies.

The relationships we establish with professionals and our many years of market experience allow us to share global and current insights. So, if you are looking for a new challenge or if you are recruiting for your team, talk to us.

Because at Hays we work for your tomorrow.


Next Steps
If you are interested in this opportunity, please send us your updated CV. If you're looking for another type of professional challenge, contact us to discuss other career opportunities, always in complete confidence.
#LI-DNI