Rejobs
Voltalia

IT Security Specialist GRC (m/w/d)

Become an IT Security Specialist GRC with Voltalia in Porto, Portugal. Oversee governance, risk, and compliance in information security. Collaborate with teams to implement security strategies and manage risks. Enjoy a dynamic work environment in a leading renewable energy company.
Voltalia
Voltalia Porto, Portugal   On-site   Full Time  UTC+00:00   1001-5000   25 days ago

Voltalia

Company Overview

Voltalia

Paris, France

2005

Business Model

Renewable Energy

Production and sale of electricity from renewable sources, including solar, wind, and hydroelectric power.

Electricity sales, project development, and energy management services.

Locations & Geography

Voltalia operates in several countries, including Brazil, Portugal, France, Greece, and Morocco.

Company Culture

Their mission is to contribute to the energy transition by providing sustainable energy solutions.

Voltalia promotes a collaborative and innovative work environment focused on sustainability.

They offer various training programs and career development opportunities to enhance employee skills.

Activities & Projects

Voltalia is currently involved in multiple renewable energy projects across different continents, including solar and wind farms.

They are investing in innovative technologies to improve energy efficiency and storage solutions.

Voltalia implements sustainable practices in all their projects, focusing on minimizing environmental impact.

Career Opportunities

Typical job openings at Voltalia include roles in project management, engineering, and operations.

They offer competitive salaries, health benefits, and opportunities for professional growth.

Contact Information

LinkedIn

Careers at Voltalia

Last updated on 2025-03-26 | Report an issue

Job Description

At Voltalia we are passionate about renewable energies! We are an electricity producer from wind, solar, hydro, biomass and storage and also a service provider to 3rd party clients such as Development, EPC, O&M and Distribution. Today we are in 20 countries, split among 4 continents, and offering a global operating capacity to our clients. We are listed on the regulated Euronext market in Paris since July 2014.

Our IT Security and Infrastructure Team is looking for an IT Security Specialist GRC.

The IT Security Specialist GRC (Governance, Risk, and Compliance) is responsible for overseeing governance, risk, and compliance aspects of information and cyber security. It plays a key role in promoting security best practices across VOLTALIA and requires support from Executive Committee Members, business managers, and IT leaders. Led by the Information Security Officer (ISO), this function has the following responsibilities:

Information and Cyber Security Strategy & Policy

  • Assist the ISO in implementing the information and cyber security strategy and program.

Information and Cyber Security Risk Management

  • Support the development and implementation of a risk management methodology aligned with VOLTALIA’s objectives, overall risk strategy, and regulatory requirements.
  • Ensure alignment between information and cyber security risk management and VOLTALIA’s enterprise risk management framework.
  • Provide guidance and support on information and cyber security risk management activities.
  • Assess the effectiveness of security controls in IT and OT environments.
  • Monitor information and cyber security risks by evaluating control implementation, asset vulnerabilities, threat landscapes, and security incidents.
  • Report risk trends to Risk Owners and other relevant committees.

Security Standards & Architecture

  • Develop and maintain security documentation, including standards, processes, procedures, guidelines, contractual clauses, and control catalogs.
  • Design and maintain a unified IT and OT security architecture aligned with the overall security strategy.
  • Establish a security architecture repository, including principles, terminology, security services, control frameworks, and reference models.

Security by Design

  • Support first-line teams in identifying and addressing cyber security risks and requirements in new products, projects, processes, and services.

Security Awareness & Training

  • Develop and implement security education, training, and awareness programs to foster security-conscious behaviors across IT and OT environments.

Audit & Compliance Support

  • Provide evidence of risk oversight and control implementation for internal and external audits.
  • Communicate the status and progress of the security program to key stakeholders.

Monitoring & Continuous Improvement

  • Monitor compliance with security architecture and standards.
  • Collect and analyze key performance and effectiveness metrics to support decision-making and inform the ISO.

Requirements

The ideal candidate will have/ be:

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related.
  • 3+ years of experience in Information Security GRC.
  • Strong knowledge of security frameworks (e.g., ISO 27001, ISO27005, NIST, IEC 62443).
  • Familiarity with regulatory requirements such as GDPR, NIS2, etc.
  • Experience with risk management tools, compliance platforms, and security monitoring solutions.
  • Experience conducting security audits and risk assessments.
  • Understanding of IT security principles, cloud security, and network security.
  • Certifications such as CRISC, CISA, ISO 27001 Lead Auditor/Implementer, ISO 27005 Risk Manager (preferred).
  • Fluent English.
  • Possible travel, mainly in Europe.

Key Skills

  • Challenges-driven, rigorous, strong commitment, and investment.
  • Excellent analytical and problem-solving skills with the ability to assess and prioritize security risks.
  • Willing to develop new skills and competencies.
  • Comfortable working with high autonomy and as a team player;
  • High level of integrity and ability to handle sensitive and confidential information.
  • Very well organized. Able to manage and prioritize time and multiple tasks efficiently, especially when operating under pressure or deadlines.
  • Strong communication and collaboration skills to work effectively with cross-functional teams and external stakeholders. Know how to adapt your communication.
  • Passionate about cybersecurity and staying up-to-date on the latest threats and trends.

About the role

March 22, 2025

Full Time

Company

Voltalia

March 25, 2025

On-site

voltalia.com

  •  Porto, Portugal

3+ years in Information Security GRC

UTC+00:00

Apply now

Job expired?

Please let Voltalia know you found this job on Rejobs. This will help us grow and get more people to work on renewable energy!

Discover how you’re connected

View connections

See your contacts at Voltalia on LinkedIn to leverage your network in applying for this position.

Tags

IT Governance Cybersecurity Information Security

Similar jobs near Porto, Portugal

Blade Service Engineer (m/w/d)

Nordex

Porto, Portugal   Hybrid   Full Time

Contador (m/w/d)

Nordex

Porto, Portugal  + 2 locations   Flexible   Full Time

Junior Commercial Manager (m/w/d)

Muehlhan Wind Service

Fredericia, Denmark  + 5 locations   Flexible   Full Time

EPC Warranty Manager (m/w/d)

Voltalia

Porto, Portugal   On-site   Full Time

Accountant (m/w/d)

Voltalia

Porto, Portugal   On-site   Full Time

Chapter Lead Software (m/w/d)

Vestas

Leça do Balio, Portugal   On-site   Full Time

Accountant - Internship (m/w/d)

Voltalia

Porto, Portugal   On-site   Internship

Construction Site Manager (m/w/d)

Voltalia

Porto, Portugal   On-site   Full Time

Share with Friends

The stakes are high, and the time for talk has passed. Now is the time for action. Help a friend accelerate the shift to a sustainable future.

Share this job - IT Security Specialist GRC (m/w/d) - with your folks, and help them find a career to be proud of.