Cyber Security Officer Job: A Cyber Security Officer job is to protect an organization’s computer networks, data, and hardware from digital threats. They develop and enforce security policies, monitor systems for breaches, run vulnerability tests, and train staff on security best practices to prevent unauthorized access or data loss.
About us:
Hello and welcome to the Zurich universe. At Zurich, we strive to foster development and career opportunities, promoting a healthy, balanced, and challenging work environment based on a culture of close relationships and trust.
We achieved 1st place in the large companies category of the Excellence Index and received the Top Employer Portugal certification. We are therefore among the 50 companies considered top employers nationwide.
Integrating into the Security Services & Operations area , you will work closely with the Business Information Security Officer (BISO) , supporting the business unit in the different aspects of information security and IT security. You will play an active role in identifying, mitigating and monitoring security risks, as well as aligning local practices with the Group’s global policies and standards.
If you want to be part of this team, learn more about the recruitment opportunity we have for you.
What are the main functions?
In this role, you will be responsible for supporting the alignment of IT security strategies with Group guidelines, collaborating in the identification, assessment, and mitigation of risks, and ensuring the implementation of effective controls. You will participate in security assessments related to the implementation or modification of technological solutions, as well as provide guidance to the business unit on security policies, standards, and processes.
It will also play an active role in promoting a safety culture, through the execution of the awareness plan and the monitoring of mandatory training, as well as supporting the safety assessment of external suppliers and service providers. It will also participate in incident response, including analysis and investigation activities, identifying non-conformities and proposing corrective actions.
Additionally, it will contribute to the implementation of global initiatives and projects, ensuring compliance with applicable regulations, and will participate in the execution and monitoring of access reviews, the management and remediation of vulnerabilities, and the documentation of processes and policies, promoting continuous improvement.
Key Responsibilities:
- Threat Monitoring: Continuously watch for security abnormalities, malware, or unauthorized access using SIEM and firewall tools.
- Vulnerability Assessment: Conduct routine penetration testing and audits to identify system weaknesses.
- Incident Response: Lead the investigation during a security breach, mitigating damages and applying preventative measures.
- Policy Enforcement: Develop and maintain company-wide IT security protocols, ensuring compliance with local or global data regulations.
- User Access Management: Configure security controls and grant appropriate credentials to authorized users.
- Security Awareness: Design and lead employee training programs to combat phishing and social engineering.
What kind of profile are we looking for?
Even if you don’t have all the skills mentioned, don’t worry! Don’t hesitate to apply!
- Bachelor’s degree in Computer Science, Systems Engineering, or a similar field.
- Knowledge and experience in IT security, specifically in patching, antivirus, vulnerability management, and cybersecurity.
- Knowledge of public cloud (AWS, Microsoft Azure or equivalent)
- Knowledge of security frameworks and best practices (e.g., MITRE ATT&CK, OWASP)
- Good knowledge of the English language.
- Intellectual curiosity and a continuous desire to learn.
- Adaptability to different technological contexts
- Strong sense of responsibility, organization, and planning.
- Customer and business orientation
- Proactivity, critical thinking, and a focus on problem-solving.
- Good communication skills, including the ability to simplify technical topics.
- Team spirit and the ability to effectively manage time and priorities.
Skills valued:
- Experience in the insurance sector
- Knowledge of security technologies (DLP, firewalls, IDS/IPS, proxies, log management, among others)
- Experience with vulnerability management tools and penetration testing.
- Experience with code analysis tools (e.g., Veracode)
- Knowledge of cybersecurity legislation and regulations.
Salary transparency:
For this role, the expected gross annual salary is between €40,000 and €50,000.
Additional variable components may exist, in accordance with Zurich’s compensation policy.
The specific proposal will be defined taking into account your experience, skills and internal positioning, ensuring consistency with comparable roles and market benchmarks.
Why Zurich?
At Zurich, we like to think outside the box, challenge ourselves, and be challenged. Our Organization always adopt an optimistic approach, focusing on the positive aspects and constantly asking: “What could go right if we could count on you on our team?”
We are an equal opportunity employer that understands that every person is unique, and that it is through diversity, equity, inclusion, and belonging that we make our team so fantastic! We are here for everyone!
Come and meet us and join us as we explore new ways to protect our customers and the planet.
Together, we create a bright future!

