IT Security Associate

**Company Description**:

- Work smart, have fun and make an impact_

**Our purpose is to guide all companies toward a sustainable world.**EcoVadis is the leading provider of business sustainability ratings.**Our solutions are backed by an international team of experts and powerful technology. We analyze data and build sustainability scorecards that give companies actionable insights into their environmental, social and ethical risks.

Learn more about our team and culture on EcoVadis careers page.

We are looking for a specialist to join our IT Security team and support the organization's efforts in enhancing its security posture. You will be responsible for engaging with clients and stakeholders to understand their security requirements and effectively present our implemented security measures. This position offers the opportunity to contribute to diverse areas within IT Security, safeguarding our systems, data, and assets from evolving threats.

This role, reporting directly to the IT Security Manager, will include the following responsibilities:

- Respond to security questionnaires from clients and other stakeholders,
- Review and analyze security clauses in contracts with clients and suppliers,
- Participate in clients meetings to address cybersecurity concerns and requirements,
- Maintain and enhance external security posture using dedicated solutions,
- Perform IT control assessments across the organization,
- Assist in the implementation and maintenance of the IT Security Control Framework,
- Create and maintain security dashboards and reports for management and stakeholders,
- Support the security exception management process,
- Monitor compliance with security policies, standards and regulations,
- Document security processes and procedures,
- Support development and delivery of IT security awareness programs,
- Drive continuous improvement and automation initiatives,
- Assist with other organizational security projects and tasks as assigned.

**Qualifications** Technical Skills & Experience**:

- Minimum 1 year of experience in a similar, customer-facing role, preferably within a cloud-based company,
- Experience engaging with clients on security matters, addressing concerns, explaining security controls and building trust.
- Familiarity with GRC tools and security monitoring solutions,
- Solid understanding of security controls and their implementation,
- Experience supporting audits and facilitating interactions with auditors,
- Ability to create security reports and dashboards for both technical and executive audiences,
- Demonstrated research skills to develop security guidelines and propose improvements,
- Understanding of security exceptions management process and risk-based decision making,
- Experience with SOC 2 is a plus,
- Hands-on experience with Google Workspace and Microsoft Azure is a plus.

**Education & Knowledge**:

- Degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience),
- Knowledge of security frameworks (e.g., NIST 800-53, ISO 27001),
- Familiarity with audit evidence requirements and documentation standards,
- Knowledge of security assessment methodologies and risk analysis,
- Familiarity with cybersecurity regulations (DORA, CRA, NIS 2) is a plus.

**Soft Skills**:

- Highly autonomous and proactive mindset,
- Self-motivated with ability to work independently when needed,
- Ability to translate technical security concepts to non-technical audiences,
- Comfortable taking initiative and leading projects with mínimal direction,
- Ability to pivot between tasks and adapt to changing priorities,
- Professional demeanor when interacting with clients and stakeholders,
- Excellent organizational skills and ability to manage multiple projects,
- Collaborative mindset with ability to work across different teams,
- Open to working in an international, multilingual environment,
- Fluent in English (oral and written). Knowledge of French is an asset.

**Additional Information**
Location: Hybrid in Barcelona (4 times a month in the office)

**In return for your expertise, we offer**:

- Support with all the necessary office and IT equipment
- Flexible working hours
- Wellness allowance for mental and physical wellbeing
- Access to professional mental health support
- Referral bonus policy
- Learning and development
- Sustainability events and community involvement
- Peer recognition program
- Employee-led resource groups
- Remote work from abroad policy
- Meals and Transportation Vouchers (Cobee card)
- Dental Benefits
- Life & Accident Insurance + Private Health Insurance
- Paid employee volunteer day
- Paid moving day (1/year)
- Time off: 1 Community Service Day + 1 Personal Day
- Summer Hours in July and August (36 hours per week)
- Hybrid Monthly Allowance for electricity and Internet