Cyber Risks Consultant

We are seeking a talented individual to join our Risk Consulting team at Marsh. This role can be based in Lisbon or Porto. This is a hybrid role that has a requirement of working at least three days a week in the office.

 We will count on you to:

• Conduct comprehensive cybersecurity risk assessments for enterprise clients; 

• Analyze vulnerabilities, threat vectors, and potential impact on business operations; 

• Develop actionable remediation strategies and risk mitigation recommendations; 

• Stay current with emerging cyber threats, attack methodologies, and regulatory requirements; 

• Prepare detailed technical and executive-level reports on cyber risk findings; 

• Elaborate cyber incident response and recover playbooks and strategies; 

• Develop third-party risk management systems and procedures; 

• Collaborate with clients to understand their business environment and risk appetite; 

• Support underwriting and pricing decisions with expert cyber risk insights;

• Develop training and culture sessions to improve awareness regarding cyber threats, vulnerabilities and risks at our clients. 

 What you need to have: 

• Degree in Computer Science, Cybersecurity, Information Security, or similar field (or equivalent professional experience); 

• 3 or more years of experience in cybersecurity risk assessment or related cybersecurity roles; 

• Strong knowledge of cyber threats, vulnerabilities, and security frameworks (NIST, ISO 27000, CIS Controls); 

• Detail-oriented and organized profile with excellent analytical capabilities; 

• Strong verbal and written communication skills in English (B2/C level); 

• Proficiency with cybersecurity assessment tools and frameworks; 

• Strong knowledge of Microsoft Office tools, specially Excel. 

What makes you stand out?

• Advanced technical expertise in network security, application se curity, or infrastructure protection; 

• Comfortable conducting business conversations also in Spanish;

• Curious and interested about Microsoft Power BI;

• Interest in consulting projects and providing services to clients in cybersecurity and regulatory compliance; 

• Relevant certifications such as CISSP, CISM, CEH, or OSCP; 

• Strong team player with ability to influence and guide stakeholders; 

• Emotional intelligence and ability to communicate com plex cyber risks to non-technical audiences. 

• Sales driven profile.

Why join our team:

• We help you be your best through professional development opportunities, interesting work and supportive leaders;

• We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities;

• Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.