We’relooking for a Senior GRC Analyst to join our Information Security team at Clarivate in Barcelona.You’llbe part of a collaborative team that partner across the company to support key governance, risk, and compliance activities. This role offers the chance to grow in a global environment, partner with different stakeholders, and help strengthen our security compliance processes. If you have experience in security compliance and enjoy bringing structure, clarity, and continuous improvement to the way things are done,we’dlove to talk to you.
About You – experience, education, skills, and accomplishments
1. Bachelor’s Degree in a relevant field-Computer Science, Information Systems, Telecommunications Engineering or Cybersecurity-or equivalent technical training
2. At least 2 years of experience in Security Compliance, GRC, or IT Compliance roles, including hands-on work with compliance frameworks such as ISO 27001, ISO 27002, or SOC 2 (or similar)
3. At least 2 years of experience supporting security compliance activities, including evidence collection, documentation, control maintenance, and tracking audit or assessment findings.
It would be great if you alsohave.. .
4. Experience with GRC/audit tools such asAuditBoard.
5. Entry-level security certifications (e.g., ISO 27001 Internal Auditor, Security+, CCSK).
6. Technical background (e.g., former developer) or basic scripting skills to support compliance automation.
7. Familiarity with risk assessment concepts or experience improving processes and documentation
What will you be doing in this role?
8. Support the implementation of security, governance, and compliance initiatives across the organization.
9. Assistwith security and privacy compliance reviews for systems, applications, and internal processes.
10. Contribute to compliance activities related to ISO 27001, ISO 27002, SOC 2, and other relevant frameworks, including documentation, evidence collection, and tracking of findings.
11. Maintain compliance documentation and operate GRC or risk management tools to support control tracking and reporting.
12. Assistin security and privacy awareness activities within the organization.
13. Escalate identified compliance or security concerns to the CISO team with clear context..
14. Review proposed system or process changes toidentifypotential compliance or security impacts.
About the Team
The Governance Risk and Compliance (GRC) team in Clarivate exists as part of the overall Information Security team headed up by our CISO within the Technology Group. GRC Compliance Team spearheads initiatives that further the organization’s compliance goals and responsible for assessing and guiding the company’s compliance stance for Information Security in alignment with industry standards (ISO 27001, SOC 2, PCI-DSS, SOX, ISO 27017, ISO 27032, etc.) along with contractual requirements agreed with the customers.
Hours of Work
This is a full-time, permanent position based in our Barcelona office.
This is a hybrid position, workingfromthe office 2-3 days per week.
What we can offer you:
15. 30 working days of vacation
16. Volunteering community offering paid hours of volunteering time
17. Private Health and Life & Disability insurances.
18. Tax-free benefits (Ticket Restaurant scheme, kindergarten, and transport cards)
19. Agile work environment with a team of talented colleagues
20. Language classes (Catalan, Spanish and English)
21. Digital workplace with possibility to work in a central office location in Barcelona with global and dynamic employees.
At Clarivate, we are committed to providing equal employment opportunities for all qualified persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.