Cybersecurity Risk Analyst
At GMV, we are looking to hire a Cybersecurity Risk Analyst to strengthen our team within the Cybersecurity Consulting and Services Division.
The selected candidate will participate in cybersecurity projects for space systems, collaborating with leading companies and agencies in the field.
The main goal of this position is to identify, analyze, and manage cybersecurity risks in highly complex technical environments, applying international standards and recognized methodologies.
You will have the opportunity to work on initiatives related to space missions, threat assessments, and the design of mitigation strategies.
We like to get straight to the point, telling you what you won’t find online. If you want to know more about us, visit our website at
WHAT WILL YOUR RESPONSIBILITIES BE?
Conducting cybersecurity risk analyses in space systems.
️ Identifying and evaluating threats, vulnerabilities, and potential impacts.
Defining security measures and controls for risk mitigation.
Supporting compliance audits and reviews.
Preparing technical documentation : risk reports, treatment plans, presentations.
Engaging with clients and technical teams for requirements gathering, validation, and follow-up.
WHAT KNOWLEDGE DO YOU NEED?
Degree in Engineering, Computer Science, Telecommunications, or similar.
Previous experience in risk analysis and management in technical environments.
Knowledge of risk analysis methodologies (EBIOS, ISO 27005, MAGERIT, OCTAVE, etc.).
Knowledge and ability to apply the MITRE ATT&CK framework for threat identification and risk evaluation.
Familiarity with cybersecurity regulations and standards (ISO 27001, NIST, ENS, etc.).
Ability to interpret system architectures and understand technical interdependencies.
Good level of English (minimum B2, ideally C1), both written and spoken.
WHAT DO WE VALUE?
Experience or interest in the space sector.
Knowledge of security architectures.
Cybersecurity certifications: CISSP, CISM, CEH, ISO 27001 Lead Implementer/Auditor, etc.
Knowledge of threat modeling and impact assessment.
Experience working with risk management or GRC tools (Agile Risk Manager, PILAR, etc.).
Participation in international environments or projects for ESA, EUSPA, etc.
Systems accreditation experience.
WHAT DO WE OFFER?
Hybrid work model and 8 weeks of remote work per year outside your usual geographic area.
Flexible hours and reduced working hours on Fridays and during summer.
Development of a personalized career plan, training, and language learning support.
National and international mobility. Coming from abroad? We offer a relocation package.
Competitive salary with continuous reviews, flexible compensation, and brand discounts.
Wellbeing program : medical, dental, and accident insurance; free fruit and coffee; training in physical, mental, and financial health, and much more!
️