Cybersecurity Governance Risk

Cybersecurity Governance Risk & Compliance Lead (Madrid - Hybrid)Para ser considerado para una entrevista, por favor, asegúrese de que su solicitud se ajusta plenamente a las especificaciones del puesto que se encuentran a continuación.The company : Our customer is a technology-based startup with solid funding that is in the midst of expansion.They will hire the selected candidate as an internal and permanent employee, based in Madrid, but providing services to their global organization.Description of the position :We’re looking for aGovernance Risk & Compliance Leadfor its global operations in Madrid. He/She will be responsible for designing and operationalizing the company’s governance, risk, and compliance framework. Reporting to the Head of Information Security, he/she will play a critical role in enabling company growth by ensuring regulatory readiness, managing risk, and embedding security and compliance into business and product operations.Key Responsibilities and tasks :Lead the implementation of GDPR, ISO 27001, SOC 2, and NIS 2 compliance programmes, with a roadmap aligned to business priorities and client expectations.Develop and maintain policies, procedures, and controls that support certification and audit readiness.Coordinate with external auditors, consultants, and vendors to streamline evidence collection and reporting.Operationalize the NIST Cybersecurity Framework across the corporate, product and operational domainsConduct regular risk assessments and maintain a centralized risk register.Collaborate with IT, Product and Legal teams to ensure risk mitigation strategies are prioritized correctly.Governance & Policy Enforcement :Establish governance structures for security and compliance decision-making.Run regular risk committees and track related actions.Maintain and enforce policies such as password management, access control, and vendor risk.Reporting & Communication :Provide regular updates to executive leadership on compliance progress, risk posture, and audit outcomes.Develop dashboards and visualizations to communicate timelines and milestones to stakeholders.Act as the primary liaison for compliance-related queries from clients, partners, and regulators.Working Experience:5+ years of proven experience in cybersecurity landscape within cloud-first or SaaS organisations.At least 2+ years in GRC roles.Working experience of GDPR, ISO 27001, SOC 2, NIS 2, and NIST CSF.Familiarity with compliance automation platforms (e.g., Vanta, OneTrust).Not mandatory but preferred :Lead on ISO 27001, SOC2 or GDPR compliance implementation.In-depth knowledge of the NIS2 directive.Working knowledge of Azure cloud environments.Working knowledge of OT security.Excellent communication and stakeholder management skills.International work experience working with international teams.Education and Training:Bachelor's Degree or vocational training qualification: In information technology, or a related field.Certifications : Not mandatory but preferredCertified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or ISO 27001 Lead Implementer.Languages:Spanish: Very good Business Spanish required (excellent communication skills). B2/C1 level.English: Very good Business English required (excellent communication skills). B2/C1 level.Job Conditions:Job location:Tres Cantos (Madrid). EU nationality or valid EU/Spain work permit required.Employment Type:Permanent Full Time, as internal employee.Salary:Depending on qualification and experience.Work from home:Hybrid working model including the possibility of working from home (70%) but according to the specific needs that may arise from the perspective of project development, department, clients, and/or partners. xsgfvud How to apply:If you are interested, please apply here or email with the subject Governance Risk & Compliance Lead and your English CV.Seniority levelMid-Senior levelEmployment typeFull-timeJob functionInformation TechnologyIndustriesIT Services and IT Consulting and Space Research and Technology#J-18808-LjbffrHay opciones de teletrabajo/trabajo desde casa disponibles para este puesto.