Cyber Risks Consultant
Job Description
We are seeking a talented individual to join our Risk Consulting team at Marsh. This role can be based in Lisbon or Porto. This is a hybrid role that has a requirement of working at least three days a week in the office.
We will count on you to:
Conduct comprehensive cybersecurity risk assessments for enterprise clients;
Analyze vulnerabilities, threat vectors, and potential impact on business operations;
Develop actionable remediation strategies and risk mitigation recommendations;
Stay current with emerging cyber threats, attack methodologies, and regulatory requirements;
Prepare detailed technical and executive-level reports on cyber risk findings;
Elaborate cyber incident response and recover playbooks and strategies;
Develop third-party risk management systems and procedures;
Collaborate with clients to understand their business environment and risk appetite;
Support underwriting and pricing decisions with expert cyber risk insights;
Develop training and culture sessions to improve awareness regarding cyber threats, vulnerabilities and risks at our clients.
What you need to have:
Degree in Computer Science, Cybersecurity, Information Security, or similar field (or equivalent professional experience);
3 or more years of experience in cybersecurity risk assessment or related cybersecurity roles;
Strong knowledge of cyber threats, vulnerabilities, and security frameworks (NIST, ISO 27000, CIS Controls);
Detail-oriented and organized profile with excellent analytical capabilities;
Strong verbal and written communication skills in English (B2/C level);
Proficiency with cybersecurity assessment tools and frameworks;
Strong knowledge of Microsoft Office tools, specially Excel.
What makes you stand out?
Advanced technical expertise in network security, application se curity, or infrastructure protection;
Comfortable conducting business conversations also in Spanish;
Curious and interested about Microsoft Power BI;
Interest in consulting projects and providing services to clients in cybersecurity and regulatory compliance;
Relevant certifications such as CISSP, CISM, CEH, or OSCP;
Strong team player with ability to influence and guide stakeholders;
Emotional intelligence and ability to communicate com plex cyber risks to non-technical audiences.
Sales driven profile.
Why join our team:
We help you be your best through professional development opportunities, interesting work and supportive leaders;
We foster a vibrant and inclusive culture where you can work with talented colleagues to create new solutions and have impact for colleagues, clients and communities;
Our scale enables us to provide a range of career opportunities, as well as benefits and rewards to enhance your well-being.
Marsh Risk is a business of Marsh (NYSE: MRSH), a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $27 billion and more than 95,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information about Marsh Risk, visit marsh.com, or follow us on LinkedIn and X.
Marsh is committed to creating a diverse, inclusive and flexible work environment. We aim to attract and retain the best people and embrace diversity of age, background, disability, ethnic origin, family duties, gender orientation or expression, marital status, nationality, parental status, personal or social status, political affiliation, race, religion and beliefs, sex/gender, sexual orientation or expression, skin color, or any other characteristic protected by applicable law.
Marsh is committed to hybrid work, which includes the flexibility of working remotely and the collaboration, connections and professional development benefits of working together in the office. All Marsh colleagues are expected to be in their local office or working onsite with clients at least three days per week. Office-based teams will identify at least one “anchor day” per week on which their full team will be together in person.