GRA Analyst
2 days ago Be among the first 25 applicantsIT Security Governance, Risk, and AssuranceWe believe that we make a difference every day. To do that, we need committed and engaged employees. Our people are accountable for delivering world-class service and they are passionate about making the world a safer and more secure place. Our teams operate with integrity and respect for one another fueled by an entrepreneurial spirit.What we look forAn effective communicator, you are a confident team player with a genuine passion for making things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.Job purposeReporting to the Cyber & IT Risk Team Lead, your role will be focused on identifying, assessing, and mitigating risks related to cybersecurity, IT systems, and business processes. Your role will also support the implementation of our organization’s strategies around Cyber & IT controls by maintaining and developing new ways of doing things and creating cross-functional business relationships within Technology and other business units.The position is expected to work with internal stakeholders and take a supportive role in analysing key risks, establishing regular dialogue between risk and control owners to identify areas for improvement and develop strategies to enhance security of IT and business processes.Main ResponsibilitiesManage and mature the Information Security & IT risk control framework to enable effective operation and monitoring of controls.Document and report control failures and gaps to stakeholders. Provide remediation guidance and occasionally drive projects to ensure deployment of mitigation actions.Develop security policies, standards, and procedures to drive standardization and centralization of control activities.Perform risk assessment activities across the organization, identify potential risks within IT and business processes, and recommend risk mitigation strategies and controls.Ensure risks and remediation plans are regularly addressed and implemented by risk and control owners.Support activities to maintain compliance with relevant regulations and standards (e.G., ISO27001, NIST, GDPR).Audit and document processes and prepare reports summarizing findings and insights for management and stakeholders.Required QualificationsMinimum QualificationsBachelor’s degree within a relevant field and at least 3 years of direct experience within Information Security & IT risk and compliance.Experience working in GRC departments and direct experience working in:
Defining, creating, and executing of an Information Security & IT risk control framework, not only internally but also for third-party and partners. It is key also have experienced in documenting security procedures, policies, and standards.Performing information Information Security & IT assessments and conducting compliance and maturity assessments using international standards and best practices from various industries.Ensuring that all risks, vulnerabilities, and non-conformities are actively managed, monitored, documented, and mitigated if possible.Defining and tracking KPIs/KRIs and generating reporting adapted for different levels and stakeholders.Performing Information Security & IT controls audits and executing remediation plans not only internally but also third party and partners.
Work experience in a professional environment preferred, including:
Demonstrated planning and problem-solving skills and ability to analyze complex technical issues.Thorough understanding of market structures, including relevant regulatory compliance requirements (SOC 2, NIST, GDPR, COBIT, ITIL, etc.).Ability to build professional relationships and collaborate effectively with peers and stakeholders.Experience organizing and carrying out risk assessments and compliance projects.Fluent written and verbal communication skills in English.Travel availability.
Preferred qualificationsRelevant security certifications:
CISSP, CRISC, CISM, CISA, Security+, ISO 27001Proficient with MS Office, project management, and at least one GRC tool (recommended).Familiarity with auditing, monitoring, controlling, and process assessment.Seniority level
Seniority level Not ApplicableEmployment type
Employment type Full-timeJob function
Job function Information TechnologyIndustries ManufacturingReferrals increase your chances of interviewing at Verisure by 2xMadrid, Community of Madrid, Spain 20 hours agoMadrid, Community of Madrid, Spain 2 weeks agoMadrid, Community of Madrid, Spain 2 days agoInnovation & Sustainability Analyst Intern
Madrid, Community of Madrid, Spain 2 weeks agoBusiness & Transformation Analyst Junior
Madrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 20 hours agoTres Cantos, Community of Madrid, Spain 5 months agoMadrid, Community of Madrid, Spain 1 day agoMadrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 3 days agoMadrid, Community of Madrid, Spain 4 weeks agoMadrid, Community of Madrid, Spain 3 days agoMergers and Acquisitions Associate - Investment Banking
Madrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 3 days agoMadrid, Community of Madrid, Spain 1 month agoMadrid, Community of Madrid, Spain 3 weeks agoMarket Research & Business Analyst - Retail
Madrid, Community of Madrid, Spain 3 weeks agoAlcobendas, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 16 hours agoMadrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 3 days agoMadrid, Community of Madrid, Spain 2 weeks agoMadrid, Community of Madrid, Spain 3 days agoMadrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 4 weeks agoMadrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 4 weeks agoMadrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 6 days agoBusiness Analyst - Private Equity & Principal Investors
Madrid, Community of Madrid, Spain 1 week agoMadrid, Community of Madrid, Spain 1 week agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr