DORA Consultant
Lisboa, Portugal
Devoteam
Guiding IT Transformations with creative tech solutions in AI, Cloud, Cybersecurity & Sustainability. A trusted partner to 2500+ companies.Company Description
Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.
Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.
The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.
Job Description
We are looking for DORA Consultants or experienced people in DORA subjects (such as ICT Governance and oversight, ICT Risk Management, ICT Incident Response & Reporting, Third Party Risk Management and resilience testing).
The DORA Consultant will be part of the team responsible for analysing, designing, implementing, and governing processes and technologies related to the DORA compliance.
The candidate will have the following duties/responsibilities:
- Support implementation of DORA (Digital Operational Resilience Act), to ensure compliance with DORA regulations by mid-January 2025;
- Perform system and process assessment and provide analysis and guidance;
- Support the design and delivery of potential solutions, new automations of assessments/templates and workflows and integration into existing technology landscape;
- Oversee the implementation of key works streams and approved process improvements;
- Work closely with all business functions to facilitate compliance with DORA requirements;
- Contribute to policies and procedures developments to ensure an effective internal governance and control framework;
- Support TPRM and Outsourcing remediation programmes;
- Support cybersecurity governance and documented information required for DORA;
- Support the establishment/alignment of the Resilience Testing framework;
- Support ICT Risk Management;
- Support the alignment of ICT Incident Response and Reporting with DORA.
Qualifications
The candidate should have:
- Bachelor’s degree in Computer Science, Information Technology, or a related field;
- Proven experience as a Consultant or similar role;
- Previous working experience in Financial Services or consultancy in the Financial Services;
- Experience with industry compliance, regulations, standards, and frameworks related to cybersecurity such as ISO 27001, NIST, COBIT, or similar;
- Experience in regulatory compliance projects and ability to analyse regulatory documents;
- Experience in Risk Management practices;
- Knowledge of Incident Response practices;
- Knowledge of EU DORA or Operation Resilience projects;
- Knowledge of the EBA regulatory landscape;
- Excellent knowledge of process and internal controls design;
- Good stakeholder management skills;
- Experience with automatic workflow tools and other automatic solutions in the context of Outsourcing/TPRM is beneficial;
- Great organizational, analytical, and problem-solving skills;
- Strong sense of ethics, integrity, and responsibility.
- Great communication and teamwork skills;
- Fluency in written and spoken English required.
Nice to have:
- Relevant certifications such as CISSP, CISM, CISA or similar are highly valued;
- Participation in cybersecurity and DORA-related communities, forums, or professional networks.
Additional Information
What we offer:
- Professional development and monitoring talent;
- Commitment to our employees' development;
- Collaboration in a company that is constantly growing and evolving;
- Strong organisational culture: collaboration, sharing, flexibility, integrity and low ego.
Would you like to join our team? Then send your CV.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISA CISM CISSP COBIT Compliance Computer Science CREST Governance Incident response ISO 27001 Monitoring NIST Risk management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Security Consultant jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open DevSecOps-related jobs