Descripción de la oferta
ppGRC Analyst GRC Lead – Programme Risk Assurance (Information Security) /ph3General Conditions /h3ulliEmployment Type: 4 Months – Contract /liliLocation: Hybrid – Barcelona, Spain (Madrid considered) /liliRate/Salary: TBC after discussion /liliStart: ASAP /li /ulh3Key Responsibilities /h3ulliSupport and coordinate Information Security Governance, Risk Compliance activities. /liliConduct and support risk‑led self‑assessments against security control frameworks. /liliReview security controls, identify gaps, and support remediation planning. /liliCollect, review, and manage control evidence and compliance documentation. /liliMaintain trackers, action logs, reporting packs, and remediation plans. /liliSupport internal audits, risk exception reviews, and stakeholder reporting. /liliWork closely with Information Security teams, control owners, auditors, and business stakeholders. /liliFacilitate workshops, follow up on actions, and drive programme delivery. /liliFor GRC Leads: provide leadership, manage analyst activities, and deliver senior stakeholder‑ready reporting. /li /ulh3Requirements /h3ulliExperience within Governance, Risk Compliance (GRC), Information Security, IT Risk, Technology Risk, Internal Audit, Compliance, or Technology Assurance. /liliExperience performing risk assessments, control reviews, compliance activities, or IT control assessments. /liliStrong understanding of Information Security controls and governance. /liliExperience working with stakeholders across technical and business teams. /liliExcellent organisational, communication, and documentation skills. /liliAbility to manage multiple workstreams and deliver within a fast‑paced environment. /li /ulh3Preferred Experience /h3ulliExperience with ISO 27001, NIST CSF, GDPR, NIS2, SOC 2, or similar security frameworks. /liliExperience using AuditBoard, Jira, or similar GRC and workflow platforms. /liliKnowledge of Identity Access Management (IAM), Vulnerability Management, Third‑Party Risk, Incident Response, Cloud Security, or Security Awareness. /liliExperience within Technology, SaaS, E‑commerce, Marketplace, or Digital organisations. /liliSpanish‑speaking candidates or those based in Barcelona are highly desirable. /li /ulpIf you’re a GRC Analyst or GRC Lead with a background in Information Security, Governance, Risk Compliance, IT Risk, or Technology Assurance and are interested in your next contract opportunity, we’d love to hear from you. Please send your CV to /ppDarwin Recruitment is acting as an Employment Business in relation to this vacancy. /ppKhayelihle Matshayana /p /p #J-18808-Ljbffr