Devoteam Cyber Trust |Information Security Manager | Mobility Sector

Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.

Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.

The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

• Collaborate with Compliance Manager to ensure compliance with A-to-Be security policies, standards and procedures
•  Determine project-specific security requirements
•   Ensure criteria is defined for product acceptance in respect to relevant regulatory and security standards
• Ensure project-specific core security policies and plans are defined and be accountable for their execution:

                  o   Patch Management Policy

                  o   Incident Response Plan

                  o   Business Continuity and Disaster Recovery Plan

• Provide security guidance and recommendations during project planning and execution
• Ensure that the implemented solution complies with security criteria defined for the project
• Work with Compliance Manager, the development teams and businesses in analyzing applications to identify and resolve security vulnerabilities and exploits
• Provide regular reports on security, risks, and improvement efforts to project leadership
• Serve as the primary point of contact for managing security incidents and analyze post-incident reviews and feedback to improve security measures

• Education & Certifications:

  • Degree in Computer Science, Information Security, Cybersecurity, or a related field

  • Certifications such as CISSP, CISM, CEH, Security+, or ISO 27001 Lead Implementer/Auditor (preferred)

• Experience:

  • At least 3 years of experience in information security, cybersecurity, or compliance

  • Experience with security policies, standards, and regulatory frameworks (ISO 27001, NIST, GDPR, etc.)

  • Hands-on experience in security assessments, vulnerability management, and risk analysis

• Technical Skills:

  • Strong knowledge of cybersecurity principles and best practices

  • Experience in Patch Management, Incident Response, and Business Continuity Planning

  • Familiarity with security tools (SIEM, IDS/IPS, endpoint protection, vulnerability scanners)

  • Understanding of secure software development and DevSecOps methodologies

• Soft Skills:

  • Strong analytical and problem-solving abilities

  • Excellent communication and collaboration skills to work with cross-functional teams

  • Ability to provide clear security recommendations and risk assessments

What we offer:

• Professional development and monitoring talent;
• Commitment to our employees' development;
• Collaboration in a company that is constantly growing and evolving;
• Strong organisational culture: collaboration, sharing, flexibility, integrity and low ego.

Would you like to join our team? Then send your CV.