IT Risk Analyst / Permanent Controller
CONSORT Group • Porto
Publicado em 02/04/2026 às 12:34
Full-time
Informática (Programação)
Remoto
Descrição da Vaga
Every moment counts. Especially those you live to the fullest. Welcome to Consort Group.
For over 30 years, Consort Group has been helping companies leverage their data and infrastructure. It is backed by two leaders, Consortis and Consortia, and places people and social responsibility at the heart of its values.
This is your future team
Established in 2021, Consort Portugal supports the strategic offshoring choices of our clients, particularly in Europe, and brings our expertise in infrastructure services to the Portuguese market. With a team of around 45 employees, our Service Center based in Porto is developing a dynamic nearshore business, offering the French and European markets an environment of excellence and high potential.
IT Risk Analyst / Permanent Controller
This is your mission
Are you passionate about cybersecurity, risk management, and digital resilience? Then this position is for you.
As IT Risk Analyst / Permanent Controller, you will be responsible for identifying, analyzing, and monitoring cyber and operational risks within IT payment services in our ecosystem.
Build side:
* Define and promote cybersecurity governance frameworks for IT payment services.
* Support IT teams in understanding, managing, and mitigating cyber risks within their activities.
* Contribute to the risk landscape definition by integrating operational risk inputs such as RCSA results and historical incidents.
* Collaborate with security, development, and production teams to integrate risk management practices into IT processes.
* Participate in risk management exercises, audits, and third-party risk assessments.
Run side:
* Execute permanent control activities covering ICT and non-ICT risks within the IT payment services perimeter.
* Identify and analyze operational risks by performing root cause analysis and impact assessments.
* Monitor remediation actions and ensure effective implementation of corrective measures.
* Provide risk reporting and consolidated risk views to cybersecurity and risk leadership.
* Issue alerts and propose corrective actions to strengthen cybersecurity posture.
This is your background
You have at least 5\+ years of experience in demanding IT risk, cybersecurity, or operational risk environments. You enjoy analyzing complex risk scenarios and working with multiple stakeholders to strengthen security and resilience. You are looking for an environment where your ideas matter and where technology goes hand in hand with collaboration.
This is your career path.
You have strong experience in IT risk management, cybersecurity, or operational risk control within complex IT environments. You enjoy analyzing risks, strengthening control frameworks, and collaborating with cross-functional teams to improve security and resilience.
This is your expertise:
* Technologies \& tools (within an Agile, DevOps, Cloud environment):
+ GRC tools (e.g., ServiceNow GRC)
+ Risk management frameworks and methodologies
+ Microsoft Office suite for reporting and analysis
+ Knowledge of cybersecurity and risk governance practices
+ Familiarity with payment ecosystem regulations such as DORA or PCI-DSS is a plus
This is how you work as part of a team:
* Strong analytical mindset with the ability to perform root cause and impact analysis
* Proactive attitude and problem-solving approach
* Strong stakeholder management and communication skills
* Continuous learning mindset and curiosity for cybersecurity and risk topics
Language Skills :
* French: C1
* English: C1
This is our commitment
At Consort Group, you are an expert who we support so that every assignment becomes a step that counts.
* Attentive and human onboarding
* A truly hands-on management style
* Continuous training opportunities
* Concrete commitments: inclusion, equality, solidarity
* A comprehensive HR package: health insurance, TR card, CSE, pension plan
* A culture of feedback and meaningful projects
The recruitment process:
* An initial phone call with our recruitment team
* An HR interview and a job interview with a business engineer
* A test or technical interview with one of our experts
* A final meeting with your future manager or project manager
* And if we're a good fit, we'll get started together
Good to know
Location: Porto
Contract: Permanent contract
Remote work: Hybrid
Job category: Cybersecurity / IT Risk / Governance
What you will do here, you won't do anywhere else.
This moment is yours.
For over 30 years, Consort Group has been helping companies leverage their data and infrastructure. It is backed by two leaders, Consortis and Consortia, and places people and social responsibility at the heart of its values.
This is your future team
Established in 2021, Consort Portugal supports the strategic offshoring choices of our clients, particularly in Europe, and brings our expertise in infrastructure services to the Portuguese market. With a team of around 45 employees, our Service Center based in Porto is developing a dynamic nearshore business, offering the French and European markets an environment of excellence and high potential.
IT Risk Analyst / Permanent Controller
This is your mission
Are you passionate about cybersecurity, risk management, and digital resilience? Then this position is for you.
As IT Risk Analyst / Permanent Controller, you will be responsible for identifying, analyzing, and monitoring cyber and operational risks within IT payment services in our ecosystem.
Build side:
* Define and promote cybersecurity governance frameworks for IT payment services.
* Support IT teams in understanding, managing, and mitigating cyber risks within their activities.
* Contribute to the risk landscape definition by integrating operational risk inputs such as RCSA results and historical incidents.
* Collaborate with security, development, and production teams to integrate risk management practices into IT processes.
* Participate in risk management exercises, audits, and third-party risk assessments.
Run side:
* Execute permanent control activities covering ICT and non-ICT risks within the IT payment services perimeter.
* Identify and analyze operational risks by performing root cause analysis and impact assessments.
* Monitor remediation actions and ensure effective implementation of corrective measures.
* Provide risk reporting and consolidated risk views to cybersecurity and risk leadership.
* Issue alerts and propose corrective actions to strengthen cybersecurity posture.
This is your background
You have at least 5\+ years of experience in demanding IT risk, cybersecurity, or operational risk environments. You enjoy analyzing complex risk scenarios and working with multiple stakeholders to strengthen security and resilience. You are looking for an environment where your ideas matter and where technology goes hand in hand with collaboration.
This is your career path.
You have strong experience in IT risk management, cybersecurity, or operational risk control within complex IT environments. You enjoy analyzing risks, strengthening control frameworks, and collaborating with cross-functional teams to improve security and resilience.
This is your expertise:
* Technologies \& tools (within an Agile, DevOps, Cloud environment):
+ GRC tools (e.g., ServiceNow GRC)
+ Risk management frameworks and methodologies
+ Microsoft Office suite for reporting and analysis
+ Knowledge of cybersecurity and risk governance practices
+ Familiarity with payment ecosystem regulations such as DORA or PCI-DSS is a plus
This is how you work as part of a team:
* Strong analytical mindset with the ability to perform root cause and impact analysis
* Proactive attitude and problem-solving approach
* Strong stakeholder management and communication skills
* Continuous learning mindset and curiosity for cybersecurity and risk topics
Language Skills :
* French: C1
* English: C1
This is our commitment
At Consort Group, you are an expert who we support so that every assignment becomes a step that counts.
* Attentive and human onboarding
* A truly hands-on management style
* Continuous training opportunities
* Concrete commitments: inclusion, equality, solidarity
* A comprehensive HR package: health insurance, TR card, CSE, pension plan
* A culture of feedback and meaningful projects
The recruitment process:
* An initial phone call with our recruitment team
* An HR interview and a job interview with a business engineer
* A test or technical interview with one of our experts
* A final meeting with your future manager or project manager
* And if we're a good fit, we'll get started together
Good to know
Location: Porto
Contract: Permanent contract
Remote work: Hybrid
Job category: Cybersecurity / IT Risk / Governance
What you will do here, you won't do anywhere else.
This moment is yours.
Precisa de estar logado para se candidatar.
Login para Candidatar