Full-Time GRC Consultant Junior | International Project

• Support the planning, implementation, and management of an Information Security Management System (ISMS) based on ISO 27001.
• Assist in conducting comprehensive gap analyses and information security risk assessments (e.g., using ISO 27005 or similar methodologies).
• Support internal audits to ensure readiness for certification.
• Assist in developing, writing, and reviewing necessary ISMS documentation (including policies, procedures, and the Statement of Applicability).
• Act as a supporting point of contact for internal and external audits.
• Assist in providing guidance on security controls and risk mitigation strategies to multiple stakeholders.
• Keep up-to-date on the latest trends and regulations in GRC.
• Foundational knowledge or prior experience (including internships) in ISO 27001 implementation projects.
• A good understanding of the ISO 27000 series (specifically 27001, 27002, and 27005).
• Strong theoretical knowledge or some practical experience in information security risk assessment and management.
• Demonstrable ability to assist with ISMS documentation.
• Experience in supporting internal and external audits.
• Excellent organisational, analytical, and problem-solving skills.
• Strong sense of ethics, integrity, and responsibility.
• Excellent communication and teamwork skills.
• Fluency in Portuguese and high proficiency in English.
• Relevant foundational GRC certifications, such as ISO 27001 Foundation or similar, are highly valued.
• Familiarity of other compliance frameworks (e.g., NIST, PCI DSS, SOC 2).
• Familiarity of GRC tools.
• Familiarity of the main laws and regulations applicable to the European Union.
• Participation in communities, forums, or professional networks related to GRC

What is the last date for applying to the job?

Which countries are accepted for this remote job?