From Hays, we're collaborating with a global leader in digital automation and AI‑powered operational transformation, operating across multiple countries and serving large enterprise customers. They specialise in end‑to‑end digital process optimization, including complex, technology‑driven environments in which information governance, compliance, and risk management are mission‑critical.
&##We're looking for an IS Compliance & Risk Management Consultant responsible for governing and continuously improving the company’s Information Security compliance framework and IS risk management practices.
You will be part of a growing governance team responsible for ensuring security controls, risk mitigation activities, ISO 27001 & NIS2 compliance, and audit readiness across several business units, acting as a bridge between high‑level governance requirements and practical implementation across IT functions.
&##6+ years of experience in Information Security, IT Audit, or IT Risk Management, with focus on governance, risk, and compliance.
~ Strong practical knowledge of ISO 27001 (implementation, management, or auditing).
~ Advanced level of English (fluency).
~ Experience engaging with senior IT stakeholders and cross‑functional teams.
~ Experience in M&A security assessments is a plus.
~ Define and maintain security policies, standards, and control requirements
Ensure applicability and rollout across all legal entities and portfolio companies
Monitor regulatory requirements and translate them into actionable controls
Lead NIS2 compliance readiness and evidence structure
Establish and operate the Group-wide IS risk management process and maintain the central IS risk register
Facilitate risk assessments with business, IT, and portfolio companies
Ensure management visibility of key IS risks and mitigation status
Integrate IS risks into enterprise risk management
Define minimum IS control baseline for all entities
Conduct IS compliance and risk reviews for portfolio companies
Support M&A security assessments and post-merger governance integration
Define and maintain IS compliance and risk KPIs
Provide regular reporting to executive management
Support management and key roles in understanding their security responsibilities
Provide guidance on control implementation without owning operations
&##Full-time opportunity with Perm/Freelancer contract.
Flexibility to work 100% remotely or hybrid in one of the offices in Madrid, Barcelona, Córdoba or Coruña.
Chance to work in a high‑impact global technology environment, driving governance and security maturity.
Exposure to advanced automation, AI‑driven processes, and highly scalable digital platforms.
&##If you are interested and want to contribute to a modern, innovation‑driven global organisation, please apply to this offer with your CV, so we can contact you for more information.