




#### **Experience Level**
Experienced professional

#### **Area**
IT

#### **Location**
Calle Trinidad Grund, 29001 Málaga

#### **Employment Type**
Full-time

#### **Company**
Drees & Sommer

#### **Start Date**
By arrangement

The Information Security Coordinator for GRC is a seasoned professional with extensive expertise in Governance, Risk, and Compliance (GRC), bringing a deep understanding of global cybersecurity frameworks, regulations and best practices. With a strong track record in executing certification programs and embedding cybersecurity controls within large-scale and multinational environments, this expert role supports Drees & Sommer’s mission to ensure regulatory compliance, business continuity, and long-term information security maturity.

Support the yearly internal and external audit programme in alignment with the head of the department. Support the development, implementation and maintenance of the company’s BCM framework.

**Core Responsibilities**

**YOUR TASKS**
--------------

* **GRC Execution & Advisory**: Support the development and maintenance of cybersecurity governance, risk, and compliance frameworks in alignment with ISO/IEC 27001, 27701, 22301, TISAX, NIS2 and other relevant standards.
* **Audit Preparation & Support**: Conduct and drive internal security assessments and support external audits by preparing documentation, identifying non-conformities, and ensuring implementation of corrective actions.
* **Policy Implementation**: Draft, maintain, and ensure the correct application of cybersecurity policies and procedures based on industry standards across business units.
* **Risk & Control Assessment**: Execute technical risk assessments and control effectiveness evaluations; support continuous improvement of risk treatment plans.
* **BCM Program Coordination**: Support the development, implementation, and maintenance of the company’s BCM framework.
* **Business Impact Analysis (BIA)**: Assist in conducting and updating BIAs to assess the impact of potential disruptions.
* **Continuity Planning**: Help develop and maintain business continuity and disaster recovery plans. Ensure alignment of continuity plans with information security and risk management strategies.
* **Compliance Monitoring**: Ensure adherence to data protection regulations (e.g., GDPR), IT security laws, and internal security guidelines.
* **Project Involvement**: Act as a cybersecurity expert in cross-functional projects, ensuring that new initiatives are aligned with cybersecurity requirements.
* **Documentation & Reporting**: Maintain high-quality documentation for compliance purposes; support reporting to the cybersecurity steering committee or auditors.
* **Security Tools & Processes**: Support the use of GRC tools, risk dashboards, and internal control platforms.

**YOUR PROFILE**
----------------

* Deep knowledge of international cybersecurity standards and frameworks (ISO/IEC 27001, 27017, 27701, 22301, NIST, GDPR)
* Expertise in compliance program execution and audit readiness
* Practical experience with risk assessments and mitigation planning
* Proficiency in policy and process implementation
* Strong technical writing and documentation skills
* Awareness of operational security practices in IT and industrial environments
* Strong analytical thinking and attention to detail
* Fluency in English is a must (equivalent to C1)

**Certifications & Qualifications**

* Certified in ISO 27001/27701/22301 Implementer or Auditor
* ITIL Certified
* IPMO – International Project Management Officer

**YOUR ADVANTAGES**
-------------------

* A dynamic and collaborative environment where cybersecurity is a strategic priority
* A team that values creativity, initiative, and continuous improvement
* To ensure your work-life balance, we offer the option of mobile working
* We promote your professional and personal development through individual training and further education at the Drees & Sommer Academy
* We support your health with a bonus for sports enthusiasts
* We offer the possibility of subscribing to a private health insurance policy
* Employees benefit from tax advantages related to their commuting expenses for the office


