GRC Senior Consultant

Role Description
We are looking for the very Top Talent…and we would be delighted if you were to join our team
More in details, UST is a multinational company based in North America, certified as a Top Employer and Great Place to Work company with over employees all over the world and presence in more than 35 countries. We are leaders on digital technology services, and we provide large-scale technologic solutions to big companies.

What are we looking for?
We are looking for a
GRC
Senior Consultant
, with experience in cibersecurity projects, working close to several clients. This role requires a professional capable of working independently, managing end-to-end engagements, conducting audits, and providing expert advisory across multiple security domains.

Main Tasks And Accountabilities Will Be
Consulting & Advisory

• Lead consulting engagements across cybersecurity, risk management, and compliance domains.
• Advise clients on best practices, improvement strategies, and implementation approaches aligned with recognized standards.
• Translate regulatory and technical requirements into clear, actionable recommendations.

Audits & Compliance

• Independently conduct internal audits and GAP analyses aligned with: ISO 27001, ISO 22301, ISO 27701, NIST CSF 2.0, DORA, NIS2, ENS, and other frameworks.
• Identify non-conformities and provide structured remediation plans.
• Prepare client-ready audit reports, risk registers, and compliance roadmaps.

Risk Management

• Facilitate and execute risk assessments (AARR, BIAs) across business processes and information systems.
• Apply methodologies such as ISO 31000, Magerit v3, and COSO to evaluate and treat risks.
• Support clients in adopting formal risk management practices.

Cybersecurity Activities

• Review technical assessments to identify vulnerabilities and recommend mitigation strategies.
• Support cybersecurity initiatives including control implementation, incident response planning, and awareness programs.
• Validate security controls and document evidence of compliance.

Client Interaction & Communication

• Serve as a primary point of contact for clients throughout engagements.
• Communicate technical requirements, project progress, findings, and recommendations clearly and effectively.
• Deliver presentations, training sessions, and executive briefings tailored to diverse audiences.

Documentation & Policy Development

• Develop and maintain client documentation including policies, procedures, standards, and process guides.
• Ensure high-quality, audit-ready documentation for all consulting deliverables.
• Coordinate evidence collection efforts across client teams during audit and compliance activities.
• Collaborate with the rest of the team to improve the existing templates of documents or create new ones.

What UST expects from you?

• 4+ years of experience in cybersecurity consulting, audits, compliance, or risk management.
• Expertise and/or certification in ISO 27001 and ENS (mandatory).
• Working knowledge of international standards such as: ISO 22301, ISO 27701, ISO 27005, ISO 42001, NIST CSF 2.0, SOC 2, GDPR, DORA, NIS2, CMMC 2.0.
• Strong proficiency in risk assessment methodologies (ISO 31000, Magerit v3, COSO).
• Experience supporting or participating in incident response activities.
• Bachelor's degree in Computer Engineering, Telecommunications, or a related field; Master's in Cybersecurity preferred.
• Good english level (C1) you will be working with international teams.

Desired Certifications

• ISO 27001 Lead Auditor / Lead Implementer
• CISM / CISSP / CISA

Work Location
100% remote within Spain.

Occasionally, it will be necessary to go to an office in Madrid or Barcelona.

Work schedule
Business Hours.

What can we offer?

• 23 days of Annual Leave plus the 24th and 31st of December as discretionary days
• Numerous benefits (Health Care Plan, teleworking compensation, Life and Accident Insurances).
• `Retribución Flexible´ Program: (Meals, Kinder Garden, Transport, online English lessons, Health Care Plan…)
• Free access to several training platforms
• Professional stability and career plans
• UST also, compensates referrals from which you could benefit when you refer professionals.
• The option to pick between 12 or 14 payments along the year.
• Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime…)
• UST Club Platform discounts and gym Access discounts

If you would like to know more, don't hesitate to apply and we'll get in touch to fill you in detail. We are waiting for you
In UST we are committed to equal opportunities in our selection processes and do not discriminate based on race, gender, disability, age, religion, sexual orientation or nationality. We have a special commitment to Disability & Inclusion, so we are interested in hiring people with disability certificate.
Skills
information security,iso standards,compliance regulations,audit analysis,