Senior Cyber Governance Officer

Lùkla Portugal
09, March 2026
Cibersegurança
Tempo inteiro

Descrição do trabalho

At Lùkla, we partner with major European organisations operating in highly regulated and business-critical environments.

We are seeking a senior Cyber Governance Officer to strengthen the cybersecurity governance framework within a regulated financial environment.

This role sits within the 2nd Line of Defense and is responsible for overseeing cybersecurity risk, ensuring alignment with regulatory frameworks, and providing structured risk opinions to senior management and stakeholders.

The ideal candidate combines a strong cybersecurity background with governance maturity, enabling them to challenge technical teams, assess control effectiveness, and communicate cyber risk clearly at executive level.

  • Key Responsibilities
  • Ensure alignment with cybersecurity regulatory frameworks and standards such as ISO/IEC 27001, NIST cybersecurity Framework, and DORA
  • Oversee entity compliance with internal cybersecurity policies and procedures
  • Perform cybersecurity maturity assessments and gap analyses
  • Issue structured risk opinions on new projects, transformation initiatives, and emerging technologies
  • Monitor the formalization and effectiveness of cybersecurity controls
  • Provide consolidated reporting on cybersecurity risk exposure to senior management and steering committees
  • Challenge IT and security teams where necessary, ensuring alignment with risk appetite
  • Support the deployment and continuous improvement of the cyber governance framework
  • Promote cybersecurity awareness across business and technology stakeholders
  • Required Experience & Skills
  • Minimum 6+ years of experience in Cybersecurity Governance, Cyber Risk, or ICT Risk
  • Strong understanding of cybersecurity risk domains (IAM, Cloud Security, Network Security, Vulnerability Management, Incident Response)
  • Practical experience applying ISO 27001 and NIST frameworks
  • Experience in 2nd Line of Defense or equivalent oversight role
  • Proven experience delivering executive-level risk reporting
  • Ability to assess control effectiveness beyond documentation review
  • Experience participating in or leading governance committees
  • Strong ability to translate technical cyber risks into business impact
  • Certifications (Preferred)
  • ISO 27001 Lead Auditor or Lead Implementer
  • ISO 27005 Risk Management
  • CISM / CRISC / CISA
  • Soft Skills
  • Strong communication and influencing skills
  • Ability to challenge constructively
  • Executive presence
  • Structured analytical mindset
  • Ability to synthesize complex cyber topics into clear messaging
  • Languages
  • English – Fluent (mandatory)
  • French – Nice to have

Would you be interested?

Apply now!

Voltar para homepage