GRC Project Manager

UST is looking for the very Top Talent…and we would be delighted if you were to join our family
More in details, UST is a multinational company based in North America, certified as a Top Employer and Great Place to Work company with over 35.000 employees all over the world and presence in more than 35 countries. We are leaders on digital technology services, and we provide large-scale technologic solutions to big companies.

Desplácese hacia abajo para ver todos los requisitos del puesto y las responsabilidades que pueden esperar los candidatos seleccionados.

What are we looking for?
We are looking for a GRC Project Manager , with experience in cibersecurity projects, working close to one of our main clients in cybersecurity sector. This role requires a professional capable of working independently, managing end-to-end engagements, conducting audits, and providing expert advisory across multiple security domains.

Main tasks and accountabilities will be:
Consulting & Advisory
Lead consulting engagements across cybersecurity, risk management, and compliance domains.
Advise clients on best practices, improvement strategies, and implementation approaches aligned with recognized standards.
Translate regulatory and technical requirements into clear, actionable recommendations.

Audits & Compliance
Independently conduct internal audits and GAP analyses aligned with: ISO 27001, ISO 22301, ISO 27701, NIST CSF 2.0, DORA, NIS2, ENS, and other frameworks.
Identify non-conformities and provide structured remediation plans.
Prepare client-ready audit reports, risk registers, and compliance roadmaps.

Risk Management
Facilitate and execute risk assessments (AARR, BIAs) across business processes and information systems.
Apply methodologies such as ISO 31000, Magerit v3, and COSO to evaluate and treat risks.
Support clients in adopting formal risk management practices.

Cybersecurity Activities
Review technical assessments to identify vulnerabilities and recommend mitigation strategies.
Support cybersecurity initiatives including control implementation, incident response planning, and awareness programs.
Validate security controls and document evidence of compliance.

Client Interaction & Communication
Serve as a primary point of contact for clients throughout engagements.
Communicate technical requirements, project progress, findings, and recommendations clearly and effectively.
Deliver presentations, training sessions, and executive briefings tailored to diverse audiences.

Documentation & Policy Development
Develop and maintain client documentation including policies, procedures, standards, and process guides.
Ensure high-quality, audit-ready documentation for all consulting deliverables.
Coordinate evidence collection efforts across client teams during audit and compliance activities.
Collaborate with the rest of the team to improve the existing templates of documents or create new ones.

What UST expects from you?
4+ years of experience in cybersecurity consulting, audits, compliance, or risk management.
Expertise and/or certification in ISO 27001 and ENS (mandatory).
Working knowledge of international standards such as: ISO 22301, ISO 27701, ISO 27005, ISO 42001, NIST CSF 2.0, SOC 2, GDPR, DORA, NIS2, CMMC 2.0.
Strong proficiency in risk assessment methodologies (ISO 31000, Magerit v3, COSO).
Experience supporting or participating in incident response activities.
Bachelor's degree in Computer Engineering, Telecommunications, or a related field; Master’s in Cybersecurity preferred.
Good english level (C1) you will be working with international teams.

Desired Certifications:
ISO 27001 Lead Auditor / Lead Implementer
CISM / CISSP / CISA

Work location
Hybrid Madrid. 1 day a week in the customer office.

Work schedule
Business Hours.

What can we offer?

23 days of Annual Leave plus the 24th and 31st of December as discretionary days
Numerous benefits (Health Care Plan, teleworking compensation, Life and Accident Insurances).
`Retribución Flexible´ Program: (Meals, Kinder Garden, Transport, online English lessons, Health Care Plan…)
Free access to several training platforms
Professional stability and career plans
UST also, compensates referrals from which you could benefit when you refer professionals.
The option to pick between 12 or 14 payments along the year.
Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime…)
UST Club Platform discounts and gym Access discounts

If you would like to know more, do not hesitate to apply and we’ll get in touch to fill you in details. We are waiting for you

In UST we are committed to equal opportunities in our selection processes and do not discriminate based on race, gender, disability, age, religion, sexual orientation or nationality. We have a special commitment to Disability & Inclusion, so we are interested in hiring people with disability certificate. xiphteb

Hay opciones de teletrabajo/trabajo desde casa disponibles para este puesto.