Senior Grc Analyst

**Senior GRC Analyst in Spain**

**Why YOU want this position**

Enverus is the leading energy SaaS company delivering highly technical insights and predictive/prescriptive analytics that empower customers to make decisions that increase profit. Enverus’ innovative technologies drive production and investment strategies, enable best practices for energy and commodity trading and risk management, and reduce costs through automated processes across critical business functions. Enverus is a strategic partner to more than 8,000 customers in 120 countries.

We are currently seeking a highly driven **Senior GRC Analyst** to join our Security GRC team in **Spain**. We are looking for a professional who is passionate about compliance, is detail-oriented, and has a strong understanding of technical controls. This role offers the opportunity to join a rapidly growing company delivering industry-leading solutions to customers in the world’s most dynamic and fastest growing sector. Be a part of the energy transition and join our growing team, creating intelligent connections across the energy value chain with a strategic focus on growing our offerings.

**The Team**

You will join the Enverus Security GRC Team which is responsible for the execution, facilitation and management of Security governance, risk, and compliance across the company. The role will be heavily focused on evaluating controls and supporting Enverus regulatory audits.

**Key Responsibilities (What You Will Do)**:

- Collaborate cross-functionally with global, multi-disciplinary teams to ensure alignment on security and compliance initiatives.
- Monitor and interpret internal policies, external regulations, and industry standards to maintain continuous compliance.
- Conduct ongoing testing and reviews of internal security and compliance controls to ensure effectiveness and maturity.
- Coordinate urgent compliance or security issues, acting as a point of escalation and resolution.
- Serve as a liaison between internal stakeholders and third-party auditors or compliance service providers.
- Track and manage compliance requirements, including evidence collection, audit readiness, and timely reporting.
- Build strong relationships with internal business units and external auditors to support audit and assurance activities.
- Support reporting efforts, including drafting management reports and contributing to risk and assurance dashboards.
- Advise business units on implementing appropriate security controls and governance practices.
- Consult with leadership on risk posture, control effectiveness, and assurance strategies.
- Identify and recommend process improvements to enhance the efficiency and quality of GRC operations.
- Proven experience in information security, with a strong compliance focus in a GRC role.
- Strong knowledge of security and IT frameworks, standards, and regulations.
- Deep understanding of audit, certification, and compliance fundamentals (e.g., SOC preferred, SOX, ISO, PCI, GDPR).
- Familiarity with common security frameworks, guidelines, and regulations (e.g.; NIST, CIS).
- Familiarity with security fundamentals and the software development lifecycle (SDLC).
- Strong analytical and critical thinking skills, with the ability to assess complex risk scenarios and recommend practical solutions.
- Excellent communication skills, both written and verbal, with the ability to present technical concepts to non-technical stakeholders.
- Strong interpersonal and collaboration skills, with a customer-focused mindset and the ability to build relationships across teams and with external auditors.
- Meticulous attention to detail and a high level of integrity, reliability, and work ethic.
- Self-motivated and adaptable, capable of managing multiple priorities and tasks in a dynamic environment.
- Organized and efficient, with basic project management skills to coordinate audits, assessments, and compliance initiatives.
- Proficient in Microsoft Office 365 tools, including Excel, Word, PowerPoint, and SharePoint, for audit documentation and reporting.
- Passion for continuous learning, process improvement, and automation of compliance tasks.
- Experience with GRC platforms is a plus.

**Education and Experience (How You Can Contribute)**:

- Working knowledge of laws and/or regulatory compliance
- Associate degree and/or equivalent industry credential(s)
- 2-5 years of relevant work experience
- Professional certification would be a bonus

This role is eligible for: Variable Compensation