Cyber, Risk

Role: Cyber Risk & Assurance Consultant 

Location: Madrid, hybrid

About Integrity360

Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)—including locations in Dublin, Sofia, Stockholm, Madrid, Rome and Cape Town—we support more than 2,500 clients across a wide range of industries.

Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence.

At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we'd love to hear from you. 

The Role

We are currently seeking a Cybersecurity Consultant to join the Cyber Risk and Assurance Team in the IT Risk, Compliance, and Security Consultancy space.  The successful candidate will provide deep, pragmatic and relevant advice to our clients and will be responsible for supporting our clients in building and implementing cybersecurity programs that adhere to the highest standards of Governance, Risk, and Compliance. The ideal candidate has, extensive knowledge and experience in the GRC domain.

We cherish our talent, we nurture their skills, and we ensure they gain exposure to many sectors.  We ensure that they enjoy many positive and productive challenges and plan a path that helps them achieve their career goals.

Primary Duties/Responsibilities include:

• Act as a virtual CISO on behalf of our customers
• Strategically advise on, and manage the various risks associated within the client environment to safeguard information security.
• Work with senior stakeholders where appropriate to embed security expertise in other functions.
• Lead all aspects of, and continuously improve the governance and management of security to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.
• Provide expert counsel and mentorship to clients' senior leadership (including the board of directors) on security and its impact across business strategy, programs, products/services, and operations.
• Guide the team and maintain compliance and security policies, standards, frameworks, procedures and guidelines, and ensure that they are aligned with the strategy and compliance programs.
• Lead all aspects of, and continuously improve the governance and management of security and privacy to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.
• Conduct privacy impact assessments and guide the customers in implementing good data privacy practices.
• Work collaboratively with clients to assist in defining privacy and security governance requirements.
• Evaluate the design and the effectiveness of clients' current privacy and security controls from a risk, compliance and assurance perspective.
• Identify opportunities for improvement for the customers whilst liaising closely with our extensive Sales team to develop leads for our technical services.
• Assist our Sales team in developing proposals and respond to tenders and RFPs.
• Conduct privacy and security audits.
• Travel (national and international) may be required as part of this role, and as such a clean driving licence and access to a car are essential.
  

Desired Skills

• A good level of senior leadership experience in risk, compliance and security management.
• 5+ years of experience in Cyber Risk, Compliance, and Security Management and Data Privacy.
• Experience working with C-Level executives.
• Excellent written and spoken communications skills and ability to deliver strong presentations to "C" level and technical audiences.
• Excellent listening skills are essential so that you can communicate with the client, empathise with their situation and be able to demonstrate your understanding of their issues.
• Flexibility in working methods and times (role may require you to work extra hours should the client call for it)
• Experience working with Software/Infrastructure/Platform-as-a-Service solutions and architectures.
• Excellent communication skills, especially the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Ability to understand the business context and technology challenges and handle uncertainty and apply appropriate security solutions in response to multiple risks and needs.
• Strong ability to understand PII and data flows from a technical perspective.
• An ability to work with limited guidance but also as part of a mixed skilled team
• Ability to understand technical requirements and functionality.
• Ability to see the big picture and have a keen eye for detail in different situations while making sure the message is clear and understood by all levels within a business.
• Strong understanding of industry standards in privacy (GDPR, ISO 27001, ISO 27701, ISO
• Knowledge of relevant risk, compliance, and security frameworks, standards and regulations (such as SOC2, Cloud Security Alliance (CSA), NIST, COBIT, PCI-DSS, GDPR, DPA, ISO270xx, ISO31000).

#LI-JL1