Senior GRC Analyst

We’re looking for a Senior GRC Analyst to join our Information Security team at Clarivate in Barcelona. You’ll be part of a collaborative team that partner across the company to support key governance, risk, and compliance activities. This role offers the chance to grow in a global environment, partner with different stakeholders, and help strengthen our security compliance processes . If you have experience in security compliance and enjoy bringing structure, clarity, and continuous improvement to the way things are done, we’d love to talk to you. 

About You – experience, education, skills, and accomplishments 

• Bachelor’s Degree in a relevant field - Computer Science, Information Systems, Telecommunications Engineering or Cybersecurity - or equivalent technical training 

• At least 2 years of experience in Security Compliance, GRC, or IT Compliance roles, including hands-on work with compliance frameworks such as ISO 27001, ISO 27002, or SOC 2 (or similar) 

• At least 2 years of experience supporting security compliance activities, including evidence collection, documentation, control maintenance, and tracking audit or assessment findings. 

It would be great if you also have . . .   

• Experience with GRC/audit tools such as AuditBoard. 

• Entry-level security certifications (e.g., ISO 27001 Internal Auditor, Security+, CCSK). 

• Technical background (e.g., former developer) or basic scripting skills to support compliance automation. 

• Familiarity with risk assessment concepts or experience improving processes and documentation

What will you be doing in this role?  

• Support the implementation of security, governance, and compliance initiatives across the organization. 

• Assist with security and privacy compliance reviews for systems, applications, and internal processes. 

• Contribute to compliance activities related to ISO 27001, ISO 27002, SOC 2, and other relevant frameworks, including documentation, evidence collection, and tracking of findings. 

• Maintain compliance documentation and operate GRC or risk management tools to support control tracking and reporting.

• Assist in security and privacy awareness activities within the organization. 

• Escalate identified compliance or security concerns to the CISO team with clear context. . 

• Review proposed system or process changes to identify potential compliance or security impacts. 

About the Team  

The Governance Risk and Compliance (GRC) team in Clarivate exists as part of the overall Information Security team headed up by our CISO within the Technology Group. GRC Compliance Team spearheads initiatives that further the organization’s compliance goals and responsible for assessing and guiding the company’s compliance stance for Information Security in alignment with industry standards (ISO 27001, SOC 2, PCI-DSS, SOX, ISO 27017, ISO 27032, etc.) along with contractual requirements agreed with the customers.   

Hours of Work  

This is a full-time, permanent position based in our Barcelona office. 

This is a hybrid position, working from the office 2-3 days per week. 

What we can offer you:

• 30 working days of vacation

• Volunteering community offering paid hours of volunteering time

• Private Health and Life & Disability insurances.

• Tax-free benefits (Ticket Restaurant scheme, kindergarten, and transport cards)

• Agile work environment with a team of talented colleagues

• Language classes (Catalan, Spanish and English)

• Digital workplace with possibility to work in a central office location in Barcelona with global and dynamic employees.