• Job Description

  Req#: 431

  Make a measurable and mission-critical impact.
  Bring your unique talents and experience to a leading company in Industrial IoT ( IIoT ) solutions. Grow your passion into a rewarding profession by joining a dynamic and expanding organization. You’ll play a vital role that supports your success and helps drive safe, efficient, and reliable operations across industries worldwide. Anova offers opportunities that empower you to:
  

  • Innovate with cutting-edge IIoT technology

  • Be part of a global, mission-driven team

  • Grow your skills through hands-on experience and development

  • Make a measurable impact across industries worldwide
    

  Join us as a Cyber Security Lead on the IT team , and help shape the future of safer, more efficient, and more reliable operations across the globe. Start your journey with Anova today !
  
  

  Location: This is a remote role, but there will be occasional travel required to our Porto facility as part of collaboration with our engineering teams. To be considered for the role candidates must reside in Portugal.

  Job Duties and Responsibilities:

  • Lead and drive cybersecurity and IT security engineering initiatives end‑to‑end, including scoping, secure architecture design, implementation, validation, and operational hand‑over across on‑prem and cloud environments.

  • Define, own and continuously evolve the corporate cybersecurity strategy, spanning cloud and infrastructure security, security operations (SOC), vulnerability management, incident response, security awareness, and compliance.

  • Architect, implement and operate core security capabilities, including Azure security controls, identity and access management, endpoint detection and response (EDR/XDR), SIEM (Microsoft Sentinel), logging, monitoring and alerting.

  • Develop, measure and report monthly cybersecurity Key Risk Indicators (KRIs) and performance metrics to the Executive Committee, translating technical security signals into business‑level risk, impact and recommended actions.

  • Serve as primary incident commander during cybersecurity incidents, leading detection, containment, eradication, recovery and post‑incident root‑cause analysis and lessons learned.

  • Ensure IT infrastructure, applications and cloud platforms are designed and operated with appropriate preventive , detective and corrective security controls to reduce risk to an acceptable level.

  • Oversee ongoing security awareness and phishing‑resilience programs, aligned to evolving adversary tactics, techniques and procedures (TTPs).

  • Perform and coordinate risk assessments, threat modelling, penetration tests and security testing, driving remediation plans and tracking closure with technical and business owners.

  • Define, implement and maintain security policies, standards and procedures, aligned with ISO/IEC 27001 and applicable regulatory requirements (NIS2, CRA, RED, GDPR).

  • Maintain and continuously improve the Information Security Management System (ISMS) to sustain ISO/IEC 27001 certification, including internal audits and support for external surveillance and certification audits.

  • Oversee Disaster Recovery and Business Continuity planning, testing and continuous improvement in partnership with IT and business stakeholders.

  • Provide hands‑on technical leadership and mentorship to system administrators, developers and product managers on secure architecture, DevSecOps practices and secure‑by‑design principles.

  • Manage relationships with security vendors, MSSPs, penetration testers and relevant authorities, ensuring services deliver measurable security outcomes.

  • Stay current on emerging threats, vulnerabilities, attack techniques, security technologies and regulatory developments, proactively advising leadership on risk and investment priorities.

  What you’ll need to succeed:

  Minimum Requirements -
  

  • Bachelor’s degree in Computer Science , Cybersecurity, Information Technology or a related field.

  • 8+ years of progressive experience in cybersecurity and IT infrastructure, including at least 3 years in a technical‑lead or project‑lead role.

  • Demonstrated success leading complex, multi‑disciplinary cybersecurity engineering initiatives from design through production.

  • Strong written and verbal communication and presentation skills in English (Portuguese a plus), with the ability to brief executives and influence non‑technical stakeholders.

  • Hands‑on expertise in cloud and enterprise security architectures, including:

  • Microsoft Azure security controls

  • SIEM and SOC technologies (Microsoft Sentinel, EDR/XDR)

  • Identity and access management (Active Directory / Entra ID)

  • Experience analyzing and responding to security telemetry (IOCs, vulnerability scans, logs, alerts and threat intelligence) to triage incidents and identify systemic security issues.

  • Experience designing and delivering security awareness and phishing‑resilience programs.

  • Solid understanding of risk management, security governance and control frameworks, with the ability to balance security, usability and business needs.

  Preferred Qualifications -

  • Lead Implementer or Auditor experience with ISO/IEC 27001 or SOC 2 Type II.

  • Working knowledge of EU cybersecurity regulations and directives, including NIS2, Cyber Resilience Act (CRA) and Radio Equipment Directive (RED), particularly for IIoT environments.

  • Professional certifications such as CISSP, CISM, CISA, Azure Security Engineer Associate, CCSP, or equivalent.

  • Proficiency in scripting and automation (Python, PowerShell, Bash) for security operations, data analysis and control automation.

  • Experience securing containerized and cloud‑native workloads, including Kubernetes, CI/CD pipelines, IaC , GitOps and automated SAST/DAST within enterprise DevSecOps programs.

  • Hands‑on experience with the Microsoft security ecosystem, including Azure, Defender, Sentinel and related platforms.

  Physical Requirements -

  • Ability to perform typical office tasks, including sitting or standing for extended periods, using a computer, communicating effectively, and occasionally lifting light items
    

  ABOUT ANOVA

  We are very proudly “one” Anova — built by integrating the best in IIoT technology and expertise. Anova monitors more than 1,250,000 assets across nearly 80 countries for over 2000 clients, from family businesses to the largest LPG, Industrial Gases, and chemicals companies in the world. Our scale is global. Our service is local. We partner directly with customers, taking a holistic approach and delivering tailored solutions that drive innovation and improvement and make our world safer, more efficient, and reliable.

  We believe that rewarding work should reward you. As part of Anova, your work, integrity, and commitment are rewarded through competitive compensation and reward strategies, through sincere appreciation, and through opportunities for growth and advancement. We put people first by providing benefits that support your life and well-being, from health and finance to recognition and reward, and so much more — we've got you covered.

  
  

  
  

  If this sounds like a fit for you, apply to join Anova in connecting the industrial world — for better.

  
  

  For more information about how Anova is transforming the Industrial IOT industry, visit us at Anova.com.

• About the company

  Leading global provider of IIoT solutions to remotely manage industrial assets with experience in the design, installation and maintenance of wireless hardware and software technologies.

Notice