Are you passionate about cybersecurity and would you like to join a team leading cutting-edge projects in IT compliance and governance? At ESED, a technology consultancy specialized in cybersecurity services, IT solutions, and software development, we are seeking to hire a GRC Consultant to participate in projects related to key regulatory frameworks such as ENS, ISO 27001, and new regulations like NIS2 and DORA. The selected candidate will participate in cybersecurity consulting and auditing projects, particularly in the area of regulatory compliance (GRC). Key responsibilities will include: analyzing clients' maturity and compliance levels against frameworks such as ENS, ISO 27001, or DORA; drafting technical reports and action plans; collaborating in the definition of security policies and procedures; supporting clients during external audits; and monitoring corrective actions. The role may also involve technological risk management, third-party assessments, and support in preparing documentation for certifications or regulatory reviews. * 5 years of experience. Candidates should ideally have: • Prior experience (or advanced internships) in cybersecurity consulting or audit projects. • Involvement in the implementation or assessment of regulatory frameworks such as: • ENS (National Security Scheme) • ISO/IEC 27001 (information security management) • ISO 22301 (business continuity management) • DORA, PSD2, PCI\-DSS, SWIFT Compliance, or other sector-specific regulatory frameworks (especially in banking, insurance, or healthcare). • Knowledge of technological risk management processes and risk matrix development. • Experience drafting technical reports and compliance documentation. • Familiarity with data protection regulations (GDPR / Organic Law on Data Protection) will be an advantage. • Valuable experience supporting external audits or certification processes. • Proficient use of productivity tools (Excel, Word, PowerPoint, Google Workspace). * TECHNICAL DIPLOMA OR ENGINEERING * technical diploma or technical engineering \- computer science\-electronics * english (spoken b2 \- advanced, written b2 \- advanced) * spanish (spoken superior, written superior) * Competencies / knowledge: Technical knowledge: • Knowledge of regulatory frameworks and security standards: ENS, ISO 27001, ISO 22301\. • Familiarity with sector-specific regulatory frameworks: DORA, PSD2, PCI\-DSS, SWIFT. • Fundamentals of technological risk management and business continuity. • Ability to produce technical and compliance documentation (policies, reports, action plans). • Proficient use of office and productivity tools (Excel, Word, PowerPoint, Google Workspace). Professional competencies: • Analytical reasoning and attention to detail. • Organizational skills and ability to manage time independently. • Strong oral and written communication, especially for report writing and client interaction. • Interpersonal skills and customer orientation. • Ability to work in teams and collaborate in multidisciplinary environments. • Initiative and proactive attitude towards new challenges or regulatory changes. Desirable: • ISACA certifications (CISA, CISM, CRISC, etc.). • Practical knowledge of audit methodologies. • Intermediate\-high level of English (particularly technical reading and writing). * Indefinite employment contract * Full-time * Monthly gross salary ranging from '2300' to '3750' * Additional information: • Hybrid work model: partial on-site presence required at our office in Mataró (Barcelona), with option for partial remote work. • Full-time schedule with flexible working hours. • Join a specialized cybersecurity team with an excellent work environment and strong technical focus. • Real opportunity for learning and professional growth in a high-demand field. • Participation in client projects across various sectors (healthcare, industrial, financial, etc.). • Job stability and competitive compensation according to profile and experience.