GRC Consultant

Description

Job Summary: We are seeking a GRC Consultant passionate about management systems and security to join Ciberia and help redefine AI-driven cybersecurity. Key Highlights: 1. Redefine AI-driven cybersecurity 2. Participate in strategic projects with cutting-edge technology 3. An environment that values ambition and excellence **Description:** ---------------- Join Ciberia and redefine the future of AI-driven cybersecurity! At Iris, we don’t just build companies—we forge leaders in technological innovation. Our mission is to redefine our clients’ futures through the most advanced technologies (Cloud, Cybersecurity, Data, AI). We are driven by ambition, excellence, innovation, transparency, empathy, and trust. We invite you to join Ciberia—the new global benchmark in managed cybersecurity services, powered by Artificial Intelligence and backed by Google Cloud Security. We are a Google Premier Partner in Cybersecurity for EMEA and LATAM, operating across 5 countries. If you seek an environment where your professional judgment impacts strategic projects and where you work with cutting-edge technology, this is the place for you. We are looking for a **GRC Consultant** to join our team—someone passionate about management and security systems. **What You’ll Do:** * Management and Security Systems (Active Participation): * Implementation and Maintenance: Collaborate on implementation and maintenance projects for systems aligned with ISO 27001 and the Spanish National Security Scheme (ENS), covering both documentation and technical aspects. * Business Continuity: Participate in ISO 22301 projects, supporting the development of Business Impact Analyses (BIA) and continuity plans. * Integrated Internal Audit: Conduct internal audits evaluating security and privacy controls jointly. * Document Management: Develop policies, procedures, and regulations addressing both security and privacy requirements. **Requirements:** --------------- **What Are We Looking For?** * Experience: Minimum 3 years in GRC consulting. You must demonstrate proven experience participating in ISO 27001 and/or ENS projects. * Regulatory Knowledge: * Advanced/Intermediate: ISO 27001 (Information Security), ENS (Spanish National Security Scheme), ISO 22301, and GDPR—both at the documentation and technical levels. * Integrative Vision: Ability to understand how a security control (e.g., access management) impacts regulatory compliance. **What We Offer:** * Inspiring Location: Offices in the upper district of Barcelona, offering panoramic views and a natural setting designed to foster innovation and well-being. * Development and Stability: A defined career path for your long-term growth + investment in your training with free access to multiple e-learning platforms. * Elite Mentorship: An intensive mentorship period at the start of your onboarding to ensure success in your role. * Holistic Well-being: Free access to a comprehensive nutrition, physiotherapy, and coaching program. Your physical and mental health is our priority. * Rest and Other Benefits: Enjoy 23 working days of vacation per year and optimize your salary with a flexible compensation plan (health insurance, meal vouchers, transportation vouchers, childcare vouchers). If you’re ready to transform cybersecurity alongside Google’s Premier Partner—applying your passion for technology within an environment that values ambition and excellence—we want to meet you!