Risk & Compliance Auditor
Lisbon, Lisbon, Portugal
Truphone
We believe that connectivity can be easier, smarter and more efficient. Since 2006, we have built state of the art SIM software, intuitive management platforms and a powerful global network to make this a reality.Main Purpose of the Role
Work hand-by-hand with our technology and operational teams on continuous improvement of security and resiliency of Truphone’s products and services.
Help our business leaders to make informed, well-timed and risk-aware decisions regarding the investments in Information Security, Privacy and Business Continuity.
Key Responsibilities
- Evaluation of the operational activities and advice on appropriate steps or activities to guarantee compliance with legal, regulatory and contractual requirements and continuity of Truphone’s critical services
- Participate in the development and maintenance of global policies and standards, including the assurance and governance of policies and standards in support of ISO 27001, ISO 22301, GSMA SAS certifications and GDPR compliance
- Ensuring that all policies and procedures are implemented and well documented.
- Pro-actively identify vulnerabilities and weak security controls, conduct security audits and recommend improvements and corrective actions to the relevant teams.
- Participate in Risk Management, cybersecurity awareness and Internal/External audit activities.
- Supplier Security due diligence and audits.
Requirements
Skills and Experience Required:
- Previous experience in information security management and/or related functions (such as IT audit and IT Risk Management).
- Significant awareness of relevant compliance requirements (Information Security, Privacy and Business Continuity)
- Experience in Systems Business Continuity/Disaster Recovery, plus Risk & Compliance Management.
- Experience in Pen Testing finding analysis, vulnerability management, and mitigation.
- Ability to develop and maintain policies, standards and processes.
- Proven experience in projects related with design and implementation of Information Security, Privacy and Business Continuity solutions.
- Information security, Business Continuity or Privacy qualifications a plus.
- Project and Program Management qualifications a plus.
- Solid experience in performing IT audits, security vulnerability assessments, system configuration verifications, and security-related assignments within a Telecoms services environment.
- Experience in gathering of metrics and reporting to all levels within the organization.
- Manage the relationships with suppliers/partners to assure levels of Security & Compliance capabilities are commensurate
- Excellent communication, reporting, and interpersonal skills.
Tags: Audits Compliance GDPR Governance ISO 22301 ISO 27001 Pentesting Privacy Risk management Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Senior Cyber Security Specialist jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs