Information Security Consultant – Security Transformation Programme Location: Spain (Remote)
Contract Length: Initial 6-Month Contract
Start Date: ASAP
Day Rate: Competitive / DOE
Asegúrese de enviar su solicitud rápidamente para maximizar sus posibilidades de ser considerado para una entrevista. Lea la descripción completa del puesto a continuación.
Overview
We are seeking an experienced Information Security Consultant to support a major security transformation programme for a global organisation. This is a fully remote contract role; however, candidates must be based in Spain and eligible to work there.
The successful consultant will play a key role in helping mature security capabilities, improve governance and risk management practices, and support the delivery of strategic cybersecurity initiatives across the business.
Key Responsibilities
Support the delivery of a large-scale security transformation programme across multiple workstreams
Assess current security controls, processes, and operating models, identifying gaps and improvement opportunities
Provide expertise across information security governance, risk, compliance, and security architecture
Work closely with technical and business stakeholders to define and implement security best practices
Assist with the development and enhancement of security policies, standards, and procedures
Support security tooling, control optimisation, and remediation activities
Contribute to risk assessments, control reviews, and audit readiness activities
Provide guidance on regulatory and compliance requirements including ISO 27001, NIST, GDPR, and related frameworks
Produce clear documentation, reporting, and stakeholder updates throughout the programme lifecycle
Collaborate with internal teams and third-party vendors to ensure successful programme delivery
Required Skills & Experience
Proven experience working as an Information Security Consultant or Security Transformation Consultant
Strong background delivering security transformation or cybersecurity improvement programmes
Experience across security governance, risk management, compliance, and control frameworks
Good understanding of standards and frameworks such as ISO 27001, NIST CSF, CIS Controls, and GDPR
Ability to engage with both technical and non-technical stakeholders
Strong documentation, communication, and reporting skills
Experience xbhjioe working within complex enterprise environments
Self-starter with the ability to work independently in a remote environment
Desirable Experience
Experience within regulated industries such as finance, healthcare, or telecommunications
Security certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or similar
Experience supporting cloud security initiatives (AWS, Azure, or GCP)
Exposure to IAM, SOC, vulnerability management, or security operations transformation projects
Additional Information
Fully remote position
Candidates must be based in Spain
Initial 6-month contract with potential extension
International project environment
English language skills required