
Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.
Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.
The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.
The consultant will support the Internal Control function in executing second-line-of-defense (LOD2) activities across the organization.
Key responsibilities:
• Perform design and operating effectiveness testing of key controls.
• Review and analyze control evidence provided by control owners.
• Conduct walkthroughs with LOD1 control owners to understand processes and validate control execution.
• Document testing results, findings, and recommendations.
• Prepare testing reports and support the follow-up of remediation actions.
• Support the maintenance and continuous improvement of the Internal Control Framework.
• Support the preparation of reporting materials for management and governance committees.
• Engage with stakeholders across business and support functions to facilitate testing activities.
• Experience in Internal Controls, Internal Audit, Risk Management, Compliance, Information Security, or External Audit.
• Understanding of internal control frameworks and governance principles (e.g., COSO).
• Experience assessing and testing controls against recognized frameworks and regulations, such as ISO 27001, ISO 22301, NIST Cybersecurity Framework, CIS Controls, DORA, NIS2, or similar.
• Experience in control testing, evidence review, walkthroughs, and report drafting.
• Strong analytical, communication, and stakeholder management skills.
The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.
What we offer:
Would you like to join our team? Then send your CV.

Devoteam is a AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability.
Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.
With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.