Albarraque, Portugal


Information Technology



Job ID


MAKE HISTORY WITH US! At PMI, we’ve chosen to do something incredible. We’re totally transforming our business and building our future on smoke-free products with the power to deliver a smoke-free future. With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and the space to move your career forward in endlessly different directions. PMI’s journey to a smoke-free future is fueled by technology. The total transformation we’re going through means that there are unique IT projects here to match all levels of skills and ambitions – from pace-setting global pilot projects to vital local updates. Whether you want to pursue a personal passion or build an international career, there’s space here to develop in any number of directions. We are currently looking for 2 InfoSec Analysts to join our InfoSec Project Advisory Team. YOUR “DAY TO DAY” • Identify cybersecurity gaps in PMI applications and systems using a wide variety of methods, e.g. compliance assessments, architecture review, access model review, interfaces and configuration reviews • Evaluate security posture of the third party solutions using TPRM methodologies with cybersecurity focus • Describe identified issues in the form of reports and ensure that relevant stakeholders understand the risk that those vulnerabilities pose to the Company • Analyze the scope, methodology and results of cybersecurity activities (e.g. ethical hacking) performed by third parties around the presence of vulnerabilities in systems used or to be used by PMI • Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing deliverables provided by vendors • Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost-efficient way • Partner with other Information Security leaders to ensure that PMI follows best practices in the application security testing domain by continuously optimizing tools, techniques and methodologies • Keep up to date with the constantly evolving cyber threat landscape and the latest developments in IT risk management and contribute to PMI’s security standards WHO WE’RE LOOKING FOR • Minimum 4 years of experience in IT security, IT risk management, IT audit or IT controls, preferably in a large organization or consulting companies • Professional certifications in IT systems security and auditing (e.g. CISA, CISSP, CRISC, CISM) [Mandatory for a Senior Position] • Proven track record in performing IT security assessments or IT audits for large scale solutions • Experience with industy-leading practices in cyber security and regulatory compliance (e.g. SOX, GDPR, GxP, HIPAA) • Good knowledge of typical application design patterns (e.g. web, mobile, thick client, etc.) • Strong understanding of modern application architectures including microservices, containers, APIs, serverless technologies and cloud environment (AWS) • Knowledge of basic identity and access management concepts (e.g. single-sign on, identity federation) and standards (e.g. SAML, OAuth 2.0, OpenID) • Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10 • Considerable technical writing proficiency and oral presentation skills, in English • Practical experience in Agile/DevOps organizations and cultures • Familiarity with Salesforce and Mulesoft platforms [preferred but not required] WHAT YOU CAN EXPECT FROM THE COMPANY: Our success depends on the men and women who come to work every single day with a sense of purpose and an appetite for progress. Join PMI and you too can: • Seize the freedom to define your future and ours. We’ll empower you to take risks, experiment and explore • Opportunity to work in the development of native Cloud solutions using the most modern tools and technologies in the industry • Be part of an inclusive, diverse culture, where everyone’s contribution is respected; collaborate with some of the world’s best people and feel like you belong • Pursue your ambitions and develop your skills with a global business – our staggering size and scale provides endless opportunities to progress • Continuous support in training and certification programs • Take pride in delivering our promise to society: to deliver a smoke-free future. WHAT WE OFFER YOU: • Private health insurance for you and your household • Life Insurance • Employee pension plan • Lunch card (Ticket) • 26 vacations days • Wide range of trainings and certifications