Cybersecurity Analyst - Hybrid Remote - Lisbon
Posted 2025-08-23
Remote, USA
Full Time
Immediate Start
<p>Boost IT is a Portuguese technology consultancy company, we are integrated into one of the most entrepreneurial groups in Portugal, with investment in more than 30 companies.</p>
<p>We want to be known for being the most dynamic, energetic and reliable company to operate in the market and, for that, we want to count on you.</p>
<p>If you're passionate about technology and want to work on the most relevant technology projects, then this ad could be for you!</p>
<p>Boost IT. Doing IT. Better</p>
<h2 id="tasks">Tasks</h2>
<p>● Risk Management and Compliance: ○ Identify, assess and monitor cybersecurity and compliance risks. </p>
<p>○ Ensure implementation and compliance with applicable standards and regulations (e.g. GDPR, ISO 27001, NIST CSF, NIS2). </p>
<p>○ Support internal and external audits, ensuring adequate preparation and response to security findings. </p>
<p>● Security Policies and Processes: ○ Develop and maintain GRC policies, standards and frameworks aligned with market best practices. </p>
<p>○ Collaborate with internal teams to ensure effective implementation of security controls. </p>
<p>○ Conduct periodic assessments and reviews to continually improve security practices. </p>
<p>● Monitoring and Reporting: ○ Define and track risk and compliance KPIs and metrics. </p>
<p>○ Prepare reports for management on the status of security and identified risks. </p>
<p>○ Participate in the definition and execution of security incident response plans. </p>
<p>● Training and Awareness: ○ Develop and promote security and compliance awareness programs for employees. </p>
<p>○ Promote good practices and safe behaviors within the organization. </p>
<p>● Strategic Support and Collaboration: ○ Act as a strategic partner to the IT, Legal and Business teams in risk management and compliance. </p>
<p>○ Provide support in assessing supplier and third party risks.</p>
<h2 id="requirements">Requirements</h2>
<p>● <strong>Minimum 3 years of experience</strong> as a Cybersecurity Analyst or in a similar role.</p>
<p>● Strong knowledge of process analysis, quality assurance, and audit preparation.</p>
<p>● Hands-on experience with international standards such as <strong>ISO 27001</strong>, <strong>GDPR</strong>, <strong>NIST CSF</strong>, and <strong>NIS2</strong>.</p>
<p>● Experience implementing and maintaining compliance frameworks.</p>
<p>● Excellent communication and documentation skills.</p>
<p>● Proven ability to manage multiple priorities and interact with diverse teams.</p>
<p>● <strong>Fluency in English is essential</strong> (spoken and written).</p>
<p>● Relevant certifications (e.g., ISO 27001 Lead Implementer, CISA, CISSP, or similar) are a plus.</p>
<p>We want to be known for being the most dynamic, energetic and reliable company to operate in the market and, for that, we want to count on you.</p>
<p>If you're passionate about technology and want to work on the most relevant technology projects, then this ad could be for you!</p>
<p>Boost IT. Doing IT. Better</p>
<h2 id="tasks">Tasks</h2>
<p>● Risk Management and Compliance: ○ Identify, assess and monitor cybersecurity and compliance risks. </p>
<p>○ Ensure implementation and compliance with applicable standards and regulations (e.g. GDPR, ISO 27001, NIST CSF, NIS2). </p>
<p>○ Support internal and external audits, ensuring adequate preparation and response to security findings. </p>
<p>● Security Policies and Processes: ○ Develop and maintain GRC policies, standards and frameworks aligned with market best practices. </p>
<p>○ Collaborate with internal teams to ensure effective implementation of security controls. </p>
<p>○ Conduct periodic assessments and reviews to continually improve security practices. </p>
<p>● Monitoring and Reporting: ○ Define and track risk and compliance KPIs and metrics. </p>
<p>○ Prepare reports for management on the status of security and identified risks. </p>
<p>○ Participate in the definition and execution of security incident response plans. </p>
<p>● Training and Awareness: ○ Develop and promote security and compliance awareness programs for employees. </p>
<p>○ Promote good practices and safe behaviors within the organization. </p>
<p>● Strategic Support and Collaboration: ○ Act as a strategic partner to the IT, Legal and Business teams in risk management and compliance. </p>
<p>○ Provide support in assessing supplier and third party risks.</p>
<h2 id="requirements">Requirements</h2>
<p>● <strong>Minimum 3 years of experience</strong> as a Cybersecurity Analyst or in a similar role.</p>
<p>● Strong knowledge of process analysis, quality assurance, and audit preparation.</p>
<p>● Hands-on experience with international standards such as <strong>ISO 27001</strong>, <strong>GDPR</strong>, <strong>NIST CSF</strong>, and <strong>NIS2</strong>.</p>
<p>● Experience implementing and maintaining compliance frameworks.</p>
<p>● Excellent communication and documentation skills.</p>
<p>● Proven ability to manage multiple priorities and interact with diverse teams.</p>
<p>● <strong>Fluency in English is essential</strong> (spoken and written).</p>
<p>● Relevant certifications (e.g., ISO 27001 Lead Implementer, CISA, CISSP, or similar) are a plus.</p>