About the Company
At Sourcing Trust, we are committed to delivering innovative, reliable, and tailored technology solutions that empower businesses to succeed in a rapidly evolving digital landscape. With a focus on excellence, integrity, and collaboration, we build lasting partnerships by understanding our clients' unique needs and providing them with expert support across. Our team is dedicated to fostering a positive and inclusive work environment where every employee's contribution is valued, encouraging continuous growth, learning, and shared success. Join us and be part of a passionate organization driven by innovation and excellence.
About the Role
We are looking for a Senior GRC Specialist with deep expertise in ISO 27001 to lead governance, risk, and compliance initiatives in Porto. The role focuses on implementing and maintaining Information Security Management Systems (ISMS), conducting risk assessments, managing audits, and ensuring organizational compliance with cybersecurity standards and regulations.
Requirements
Senior-level experience (5+ years) in GRC roles, with proven ISO 27001 implementation and certification projects.
Expertise in ISO 27001 frameworks: ISMS design, implementation, internal audits, and certification processes.
Experience conducting risk assessments, control implementation, and gap analysis aligned with ISO 27001 Annex A.
Strong knowledge of regulatory compliance (GDPR, NIS2) and cybersecurity frameworks (NIST, CIS Controls).
Proven track record managing GRC tools/platforms and reporting to executive stakeholders.
Experience leading audit preparation and coordinating with certification bodies.
Excellent documentation skills for policies, procedures, and compliance evidence.
Work Arrangement
Porto – 4 days on-site + 1 day remote per week.
Language Requirements
English B2 or higher (mandatory for standards documentation and audits).
Portuguese fluency (mandatory for local stakeholder communication).
