Job Summary: Ingeteam is seeking a Cybersecurity Engineer, Governance & Compliance to ensure regulatory compliance and cybersecurity governance within the organization. Key Responsibilities: 1. Ensure compliance with cybersecurity regulations (NIS2, ISO 27001) 2. Develop and maintain the internal regulatory framework for Information Security 3. Effective governance of cybersecurity risk in IT and OT environments **Ingeteam**, a leading company specializing in electrical engineering and the development of electrical equipment, motors, generators, and frequency converters, is looking to hire a **Cybersecurity Engineer, Governance \& Compliance** for its facilities in **Zamudio**. **Mission** Guarantee regulatory compliance and appropriate cybersecurity governance within the organization, aligning IT and OT systems and processes with key standards and regulatory frameworks. **Responsibilities** * Analyze, adapt, and ensure continuous compliance with major cybersecurity standards and regulations (NIS2, ISO 27001, NIST, OWASP), promoting their consistent application across the organization. * Develop, maintain, and communicate the internal regulatory framework for Information Security, ensuring its correct implementation. * Coordinate the assessment and implementation of cybersecurity requirements and controls, collaborating closely with other organizational departments. * Support Business Units in responding to customers’ cybersecurity requirements and monitor compliance with such requirements. * Identify, assess, and maintain a centralized register of cybersecurity risks in IT and OT environments, ensuring effective risk governance. * Ensure cybersecurity regulatory compliance throughout the supply chain. * Provide direct support to the CISO and collaborate in defining and executing the Master Security Plan, including associated project management. * Conduct internal cybersecurity audits and coordinate external audits. * Participate in defining metrics, reporting, and dashboards related to regulatory compliance and cybersecurity risk levels. **Requirements** * University degree in Computer Engineering, Telecommunications, Cybersecurity, or related fields. * Over 3 years of experience in cybersecurity, security consulting, risk management, and compliance with international standards (ISO 27001/27002, NIST SP 800, OWASP, etc.). * Advanced level of English. * Knowledge of the NIS2 Directive. **Preferred Qualifications** * Master’s degree or postgraduate qualification in Cybersecurity, Information Security, or Systems Auditing. * Certifications in information security (e.g., ISO 27001 Auditor or others). * Familiarity with cybersecurity regulations and legal frameworks applicable in international contexts. * Experience in business continuity and disaster recovery planning. * Knowledge of cybersecurity in cloud and industrial OT environments. * Experience with networks, IT infrastructure, and communication protocols applied to cybersecurity. At **Ingeteam**, we value diversity and facilitate the inclusion of persons with disabilities. Therefore, if you meet the general requirements for this position and hold a disability certificate indicating a disability grade of 33% or higher, **Ingeteam** will positively consider your application. \#LI\-TP1