Cybersecurity Jobs List logo

Cybersecurity Jobs List

  1. Home
  2. Jobs
  3. Spain
  4. Madrid
  5. Pozuelo de Alarcón
  6. GRC Analyst
  7. Information Security GRC Analyst
Verisure logoVE
Verisureverisure.com

Information Security GRC Analyst

Pozuelo de Alarcón, Community of Madrid, SpainFull-time18h ago

IT Security Governance, Risk, and Assurance

We believe that we make a difference every day. To do that, we need committed and engaged employees. Our people are accountable for delivering world-class service and they are passionate about making the world a safer and more secure place. Our teams operate with integrity and respect for one another fueled by an entrepreneurial spirit.

What we look for

An effective communicator, you are a confident team player with a genuine passion for making things happen in a dynamic organization. If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.

The Role

Reporting to the Cyber & IT Risk Team Lead, your role will be focused on identifying, assessing, and mitigating risks related to cybersecurity, IT systems, and business processes. Your role will also support the implementation of our organization’s strategies around Cyber & IT controls by maintaining and developing new ways of doing things and creating cross-functional business relationships within Technology and other business units.

The position is expected to work with internal stakeholders and take a supportive role in analysing key risks, establishing regular dialogue between risk and control owners to identify areas for improvement and develop strategies to enhance security of IT and business processes.

Main Responsibilities

  • Focus on building and maintaining the Audit function within Information Security.

  • Manage and mature the Information Security & IT risk control framework to enable effective operation and monitoring of controls.

  • Document and report control failures and gaps to stakeholders. Provide remediation guidance and occasionally drive projects to ensure deployment of mitigation actions.

  • Develop security policies, standards, and procedures to drive standardization and centralization of control activities.

  • Perform risk assessment activities across the organization, identify potential risks within IT and business processes, and recommend risk mitigation strategies and controls.

  • Ensure risks and remediation plans are regularly addressed and implemented by risk and control owners.

  • Support activities to maintain compliance with relevant regulations and standards (e.g., ISO27001, NIST, GDPR).

  • Audit and document processes and prepare reports summarizing findings and insights for management and stakeholders.


Required Qualifications

  • Bachelor’s degree within a relevant field and at least 4 years of direct experience within Information Security & IT risk and compliance.

  • Experience working in GRC departments and direct experience working in:

  • ​Defining, creating, and executing of an Information Security & IT risk control framework, not only internally but also for third-party and partners. It is key also have experienced in documenting security procedures, policies, and standards.

  • Performing information Information Security & IT assessments and conducting compliance and maturity assessments using international standards and best practices from various industries. 

  • Ensuring that all risks, vulnerabilities, and non-conformities are actively managed, monitored, documented, and mitigated if possible.

  • Defining and tracking KPIs/KRIs and generating reporting adapted for different levels and stakeholders.

  • Performing Information Security & IT controls audits and executing remediation plans not only internally but also third party and partners.

Work experience in a professional environment preferred, including:

  • Demonstrated planning and problem-solving skills and ability to analyze complex technical issues.

  • Thorough understanding of market structures, including relevant regulatory compliance requirements (SOC 2, NIST, GDPR, COBIT, ITIL, etc.).

  • Ability to build professional relationships and collaborate effectively with peers and stakeholders.

  • Experience organizing and carrying out risk assessments and compliance projects.

  • Fluent written and verbal communication skills in English.

  • Travel availability.

Preferred qualifications

  • Relevant security certifications: CISSP, CRISC, CISM, CISA, Security+, ISO 27001

  • Proficient with MS Office, project management, and at least one GRC tool (recommended).

  • Familiarity with auditing, monitoring, controlling, and process assessment.


The Company

We Are People Who Protect People - We are the leading provider of professionally monitored alarms for residential households and small businesses in Europe.

Peace of mind for families and small businesses - We believe it is a human right to feel safe and secure. We now protect more than 3.4 million families and small businesses. Our service includes 24/7 monitoring, expert verification and response, customer care, service and maintenance services, and professional technical support. As well as protecting against intrusion, we protect against fire, attack, theft, life-threatening emergencies and other hazards. Verisure people are dedicated and committed and provide what we believe is the best customer service in the industry.

Leading across a broad footprint - We are the leading provider of residential and small business monitored alarms in Europe. We operate in 17 countries across Europe and Latin America. Our business is driven by organic growth, based on our differentiated business model. We attract high quality customers. We work hard to ensure that our customers are happy. This contributes to an industry leading level of attrition and a long customer lifetime.

A technology-enabled human services company - Our ~29,000 team-mates are the foundation of our company. Our business model combines technology and human expertise to protect people. We are a human services company. More than 80% of our colleagues interact with customers every day. This connection provides the insight that inspires our innovation. These insights are a source of advantage. We leverage these insights with the significant investment we make into product and service innovation. The close customer contact also fuels the pride which drives engagement.

30 years of experience and many more to come - We have been protecting what matters most since 1988. Over that time, we have expanded beyond our roots in the Nordics and Spain. We now serve most of Europe and have also established a strong presence in Latin America. In 2019, we formed a strategic partnership with Arlo, a world leader in connected cameras. Verisure acquired all rights to Arlo’s European business. This allows us to offer connected camera services in Europe as a complement to our professionally monitored security service. It also allows us to access new go-to-market opportunities in retail and e-commerce.

Apply today!

Verisure Innovation is an equal-opportunity employer and welcomes applicants from diverse backgrounds. We are an international company with offices and colleagues in multiple countries. Please note that we do not accept applications via email.


If you have questions regarding this position, please reach out to our Group Talent Acquisition Lead, luka.jovovic@verisure.com 

Categories

GRC Analyst
IT Risk Analyst
Compliance Analyst
Information Security Analyst
Security Risk Specialist

Skills

GRC
Information Security
ISO27001
NIST
GDPR
SOC 2
COBIT
ITIL
MS Office
Risk Assessment
Security Policies
IT Controls
KPI/KRI
Security Auditing
Control Framework