Thales Spain requires a specialised support service for regulatory compliance, risk management, and cybersecurity governance. Act as a consultant, developing governance, risk management and regulatory compliance advisory projects, potentially leading their development, while expanding your knowledge of other applicable regulatory frameworks (NIST CSF, ISO 27001, ENS, ISO 22301, GDPR, PCI DSS, etc.) and evolving towards a senior role.
Job Responsabilities:
- Defining and validating assessment and audit scopes.
- Reviewing technical documentation, policies, regulations and procedures. Interviewing responsible persons for security measures and controls.
- Reviewing and validating evidence for assessments and audits.
- Consulting and advising on compliance with information security standards and regulations.
- Developing reports and deliverables.
What we need from you:
- Senior consultant with at least 5 years of experience
- Ability to analyse and synthesise information
- Strong interpersonal and communication skills
- Proactivity and autonomy
- Critical thinking skills Teamwork
- Commitment to continuous improvement
- A higher technical degree (in engineering or a similar subject), preferably in IT or telecommunications.
- Knowledge of cybersecurity in general.
- Experience of Governance, Risk Management and Compliance (GRC) in relation to frameworks such as PCI DSS, NIST CSF, ISO 27001, ENS, ISO 22301, NIS2 and DORA.
- Knowledge of technological cybersecurity, and experience in designing and implementing projects for deploying cybersecurity technologies. At least three years' experience in cybersecurity.
- In hybrid mode.