Copy of Devoteam Cyber Trust| GRC Consultant Senior | International Project

Devoteam Cyber Trust is seeking an experienced Senior ISO 27001 Consultant to lead and support a key client-facing ISMS implementation project. 

The ideal candidate will have extensive hands-on experience in guiding organisations through the entire ISO 27001 certification lifecycle ensuring compliance and robust security posture as part of a dedicated project team.

• Lead the planning implementation and management of an Information Security Management System (ISMS) based on ISO 27001.

• Conduct comprehensive gap analyses and information security risk assessments (e.g. using ISO 27005 or similar methodologies).

• Manage and conduct internal audits to ensure readiness for certification.

• Develop write and review all necessary ISMS documentation (including policies procedures and the Statement of Applicability).

• Act as the primary point of contact for and coordinate internal and external audits.

• Provide expert guidance on security controls and risk mitigation strategies to multiple stakeholders.

• Mentor junior team members and oversee project deliverables.

• Keep up-to-date on the latest trends and regulations in GRC

Qualifications :

• Proven significant experience (Senior level) in leading multiple end-to-end ISO 27001 implementation projects.

• Expert knowledge of the ISO 27000 series (specifically and 27005).

• Strong practical experience in information security risk assessment and management.

• Demonstrable experience in developing high-quality comprehensive ISMS documentation.

• Experience in managing and responding to internal and external audits.

• Relevant industry certifications (e.g. ISO 27001 Lead Implementer CISM CISSP or equivalent).

• Excellent organisational analytical and problem-solving skills.

• Strong sense of ethics integrity and responsibility.

• Excellent communication and teamwork skills.

• Fluency in Portuguese and high proficiency in English.

Nice to Have:

• Relevant GRC certifications such as ISO 27001 Lead Implementer or similar are highly valued. 

• Knowledge of other compliance frameworks (e.g. NIST PCI DSS SOC 2).

• Knowledge of GRC tools.

• Knowledge of the main laws and regulations applicable to the European Union.

• Participation in communities forums or professional networks related to GRC

Additional Information :

The Devoteam Group works for equal opportunities promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.

What we offer:

• Professional development and monitoring talent;
• Commitment to our employees development;
• Collaboration in a company that is constantly growing and evolving.
• Strong organisational culture: collaboration sharing flexibility integrity and low ego.

Would you like to join our team Then send your CV.

Remote Work :

Yes

Employment Type :

Full-time