Governance, Risk and Compliance (GRC) Analyst

About the role

We are seeking a motivated Governance, Risk, and Compliance (GRC) Analyst to join our Cybersecurity team in Lisbon. You will support governance, risk, and compliance activities, ensuring alignment with internal policies, regulatory requirements, and global cybersecurity standards.

Key responsibilities

• Support identification, assessment, and reporting of cybersecurity risks.
• Monitor key cybersecurity indicators such as hardening, patching, endpoint protection, and logging, and follow up on remediation.
• Assist in internal and external audits, including evidence collection and stakeholder coordination.
• Help implement and monitor cybersecurity policies, standards, and controls in line with group guidelines.
• Contribute to third‑party risk assessments to ensure security requirements are met.

Required profile

• 2–3 years of experience in Cybersecurity, Risk, or IT Governance.
• Degree in Computer Engineering or a related field.
• Strong analytical and problem‑solving abilities.
• Excellent communication and stakeholder‑management skills.
• Fluent in Portuguese and English; Spanish is a plus.

Required skills

• Good knowledge of cybersecurity frameworks such as ISO 27001, NIST, and CIS.