




Job Summary: We are seeking a professional to govern, manage risks, and ensure security compliance, collaborating in incident response and defining controls. Key Highlights: 1. Experience in organizing and ensuring compliance with regulations (GDPR, ENS, NIS2, ISO) 2. Certifications such as ISO27001 Lead Auditor, ISO22301 Lead Auditor, or similar 3. Collaboration in incident response and definition of controls MANDATORY REQUIREMENTS: Candidates must demonstrate experience/knowledge in at least 4 of the following areas: * Organizing and ensuring compliance with applicable regulations (GDPR, ENS, NIS2, ISO, CCN guidelines, etc.). * Designing, monitoring, and implementing NIS2, ENS, ISO27001, GDPR, or other security compliance standards alignment plans. * Internal and external audits for ENS, ISO27001, NIS2, GDPR, or other security compliance standards. * Identifying operational, technological, and legal cybersecurity risks. * Defining controls, tests, and evidence. * Proposing and monitoring mitigation plans. * Collaborating in incident response. Certification such as ISO27001 Lead Auditor, ISO22301 Lead Auditor, or similar. Catalan spoken and written (bilingual with Spanish). English level: minimum B2. Work format: Hybrid, with 60% on-site presence in the Barcelona metropolitan area. DESIRABLE REQUIREMENTS: Knowledge/experience in business continuity plans and DRPs. Knowledge/experience in TPRM (Third-Party Risk Management). English certification: B2/C1. REQUIRED DEGREE: University degree in Computer Science and Telecommunications, Law, Business Administration and Management, or related fields. YEARS OF EXPERIENCE IN THE REQUESTED PROFILE: At least 4 years of documented experience in the field of technological systems, including at least 3 years specifically in governance, risk, and security compliance.


