Sobre

• Company Description
• Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.
• Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.
• The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.
• Job Description
• Devoteam Cyber Trust is seeking an experienced Senior ISO 27001 Consultant to lead and support a key client-facing ISMS implementation project.
• The ideal candidate will have extensive, hands-on experience in guiding organisations through the entire ISO 27001 certification lifecycle, ensuring compliance and robust security posture as part of a dedicated project team.
• Lead the planning, implementation, and management of an Information Security Management System (ISMS) based on ISO 27001.
• Conduct comprehensive gap analyses and information security risk assessments (e.g., using ISO 27005 or similar methodologies).
• Manage and conduct internal audits to ensure readiness for certification.
• Develop, write, and review all necessary ISMS documentation (including policies, procedures, and the Statement of Applicability).
• Act as the primary point of contact for and coordinate internal and external audits.
• Provide expert guidance on security controls and risk mitigation strategies to multiple stakeholders.
• Mentor junior team members and oversee project deliverables.
• Keep up-to-date on the latest trends and regulations in GRC
• Qualifications
• Proven, significant experience (Senior level) in leading multiple end-to-end ISO 27001 implementation projects.
• Expert knowledge of the ISO 27000 series (specifically 27001, 27002, and 27005).
• Strong practical experience in information security risk assessment and management.
• Demonstrable experience in developing high-quality, comprehensive ISMS documentation.
• Experience in managing and responding to internal and external audits.
• Relevant industry certifications (e.g., ISO 27001 Lead Implementer, CISM, CISSP, or equivalent).
• Excellent organisational, analytical, and problem-solving skills.
• Strong sense of ethics, integrity, and responsibility.
• Excellent communication and teamwork skills.
• Fluency in Portuguese and high proficiency in English.

Nice to Have

• Relevant GRC certifications, such as ISO 27001 Lead Implementer or similar, are highly valued.
• Knowledge of other compliance frameworks (e.g., NIST, PCI DSS, SOC 2).
• Knowledge of GRC tools.
• Knowledge of the main laws and regulations applicable to the European Union.
• Participation in communities, forums, or professional networks related to GRC
• Additional Information
• The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.

What we offer

• Professional development and monitoring talent;
• Commitment to our employees' development;
• Collaboration in a company that is constantly growing and evolving.
• Strong organisational culture: collaboration, sharing, flexibility, integrity and low ego.
• Would you like to join our team? Then send your CV.