Cybersecurity Implementation e Vulnerability Management Lead

Olisipo
30, September 2025
Cibersegurança
Tempo inteiro

Descrição do trabalho

Profile:
- Solid experience in cybersecurity within data e analytics or cloud-native environments, with strong knowledge of ISSP or equivalent frameworks.
- Proficient in vulnerability management using tools such as SAST, SCA and vulnerability scanners; capable of assessing and prioritising based on risk and impact;
- Good understanding of IT infrastructure, networking and cloud platforms, particularly Microsoft Azure;
- Familiar with secure software development practices and integrating security controls across the development lifecycle;
- Skilled in enabling security governance processes (e.g., PSAT) and collaborating with technical and business stakeholders;
- Strong communication skills for delivering training, awareness campaigns, and translating complex concepts into practical actions;
- Experienced in interpreting vulnerability reports, defining remediation plans, and contributing to compliance, audits and continuous improvement;
- Certified Information Systems Security Professional (CISSP) is a plus;
- Fluent in English;
- French is a plus.

Responsibilities:
- Implement ISSP controls by translating policy principles into actionable practices across data e analytics environments and supporting the rollout of aligned tools, templates and dashboards;
- Guide project teams through the full PSAT lifecycle—from initiation to validation—ensuring accurate classification, compliance with security requirements and effective reuse and versioning of assessments;
- Collaborate with application owners, infrastructure teams and project leads to embed security into daily operations and development workflows;
- Monitor and assess vulnerabilities using security tooling (e.g. scanners, SAST, SCA), prioritise based on severity and business impact and ensure timely remediation within SLA;
- Support application managers in interpreting vulnerability reports, defining remediation plans and coordinating patching and mitigation activities;
- Contribute to awareness campaigns and deliver training sessions to promote the adoption of ISSP principles across teams;
- Participate in AppSec governance and compliance forums, providing updates, sharing lessons learned and helping shape remediation priorities;
- Support audits, reporting, and improvement plans to maintain alignment with ISSP and Group IT standards, while continuously improving detection and risk management processes.

We offer:
- Health insurance;
- Free online training through the Udemy platform;
- On-site and remote training at Olisipo's Learning Center;
- Free certifications (after passing the exam);
- Discounts at Olisipo Partners (in the areas of health and well-being, fitness, travel, among others);
- Free psychological consultations;
- Possibility of a salary advance, without commissions.

Voltar para homepage