Job Summary: We are seeking a Process & Quality Assurance Manager to lead operational excellence, regulatory compliance, and organizational maturity in cybersecurity, assuming strategic responsibility for the Integrated Management System. Key Highlights: 1. Lead the Integrated Management System strategy in cybersecurity. 2. High executive visibility and direct impact on process evolution. 3. Technical, regulated, and innovative environment with continuous professional development. DESCRIPTION Do you want to lead **operational excellence, regulatory compliance, and organizational maturity** in a growing cybersecurity company? We are looking for a **Process & Quality Assurance Manager** to assume strategic responsibility for the **Integrated Management System (IMS)**, ensuring its effectiveness, independence, and alignment with key regulatory frameworks such as **ENS, ISO, and security standards**. This role offers **high executive visibility**, engagement with certification bodies, and direct impact on the evolution of processes, risks, and corporate cybersecurity governance. ### **Your impact in this role** * Define and lead the **Integrated Management System strategy** within a highly regulated cybersecurity environment. * Ensure compliance with **regulatory and certification requirements** (ENS, ISO 27001, ISO 22301, ISO 20000, among others). * Oversee system evolution in response to **regulatory, technological, and cyber-risk changes**. * Report to senior management on **strategic risks, deviations, and improvement opportunities** related to the IMS. * Lead **internal audit and compliance governance**, ensuring independence, technical rigor, and effective closure of corrective actions. * Coordinate external audits with bodies such as **CCN, AENOR, ENAC, or other certification entities**. * Drive initiatives for **continuous improvement, operational efficiency, and process standardization** across cybersecurity areas. * Develop and maintain the **corporate process map**, promoting a culture of quality, compliance, and digital resilience. * Supervise **document management, regulatory traceability, and version control** of the system. * Lead **team competency management**, defining training plans and technical authorizations for ENS and ISO auditing. ### **Leadership and key competencies** * Proven ability to provide **technical leadership and coordinate specialized teams in cybersecurity or compliance**. * Experience in **competency assessment within regulated or certified environments**. * Strong capacity for **strategic planning, prioritization, and cross-functional coordination** with areas such as SecOps, Technology, or Compliance. * Results orientation, organizational influence, and a continuous improvement mindset. ### **Why join us** * You will lead the evolution of the organization’s **cybersecurity governance, quality, and compliance model**. * You will have **direct impact on the company’s operational and reputational resilience**. * You will work in a **technical, regulated, and innovative environment**, with exposure to strategic projects. * Access to **professional development, continuous training, and leadership opportunities**. If you seek a role that combines **strategy, compliance, leadership, and cybersecurity**, this position may be your next major career step. REQUIREMENTS ### **What we look for in you** * Minimum 5 **years’ experience in auditing or implementing information security management systems and risk management systems**, in accordance with CCN-STIC guidelines. * Demonstrable experience in **managing or supervising certified systems within technology or cybersecurity environments**. * In-depth knowledge of the **National Security Scheme (Royal Decree 311/2022)** and applicable ISO standards. * Proficiency in **auditing methodologies (ISO 19011)** and principles of independence and impartiality. * Experience in **risk governance, regulatory compliance, and continuous process improvement**. * Familiarity with tools such as **PILAR, Bizagi, GRC platforms, and advanced reporting tools**. ### **Education and certifications** * Degree in Engineering, Computer Science, Business Administration and Management (ADE), Law, or related fields. * Specific training in **ENS auditing (CCN-CERT 20h)**. * Certification as an **internal auditor or lead auditor for ISO standards**. **Desirable:** * Certifications such as **CISA, CISSP, COBIT, PMP**. * Master’s degree in Cybersecurity, Risk Management, or Integrated Management Systems. * Personal Security Clearance (HPS) or willingness to obtain it.