IT Security Associate

We are looking for a specialist to join our IT Security team and support the organizations efforts in enhancing its security posture. You will be responsible for engaging with clients and stakeholders to understand their security requirements and effectively present our implemented security measures. This position offers the opportunity to contribute to diverse areas within IT Security safeguarding our systems data and assets from evolving threats. 

This role reporting directly to the IT Security Manager will include the following responsibilities:

• Respond to security questionnaires from clients and other stakeholders

• Review and analyze security clauses in contracts with clients and suppliers

• Participate in clients meetings to address cybersecurity concerns and requirements

• Conduct security reviews of internally used SaaS applications

• Maintain and enhance external security posture using dedicated solutions

• Support an audit response process by collecting and organizing evidence coordinating interviews between auditors and subject matter experts addressing auditors questions

• Perform IT control assessments across the organization 

• Assist in the implementation and maintenance of the IT Security Control Framework

• Create and maintain security dashboards and reports for management and stakeholders 

• Support the security exception management process

• Monitor compliance with security policies standards and regulations 

• Document security processes and procedures 

• Support development and delivery of IT security awareness programs

• Drive continuous improvement and automation initiatives

• Assist with other organizational security projects and tasks as assigned.

Qualifications :

Technical Skills & Experience:

• Minimum 1 year of experience in a similar customerfacing role preferably within a cloudbased company

• Experience engaging with clients on security matters addressing concerns explaining security controls and building trust. 

• Familiarity with GRC tools and security monitoring solutions 

• Solid understanding of security controls and their implementation 

• Experience supporting audits and facilitating interactions with auditors 

• Ability to create security reports and dashboards for both technical and executive audiences 

• Demonstrated research skills to develop security guidelines and propose improvements

• Understanding of security exceptions management process and riskbased decision making 

• Experience with SOC 2 is a plus

• Handson experience with Google Workspace and Microsoft Azure is a plus.

Education & Knowledge:

• Degree in Cybersecurity Computer Science Information Technology or a related field (or equivalent experience)

• Knowledge of security frameworks (e.g. NIST 80053 ISO 27001

• Familiarity with audit evidence requirements and documentation standards 

• Knowledge of security assessment methodologies and risk analysis 

• Familiarity with cybersecurity regulations (DORA CRA NIS 2 is a plus.

Soft Skills:

• Highly autonomous and proactive mindset

• Selfmotivated with ability to work independently when needed

• Ability to translate technical security concepts to nontechnical audiences 

• Comfortable taking initiative and leading projects with minimal direction

• Ability to pivot between tasks and adapt to changing priorities

• Professional demeanor when interacting with clients and stakeholders 

• Excellent organizational skills and ability to manage multiple projects

• Collaborative mindset with ability to work across different teams  

• Open to working in an international multilingual environment

• Fluent in English (oral and written). Knowledge of French is an asset.

Additional Information :

Location: Hybrid in Barcelona 4 times a month in the office)

In return for your expertise we offer:

• Support with all the necessary office and IT equipment
• Flexible working hours
• Wellness allowance for mental and physical wellbeing
• Access to professional mental health support
• Referral bonus policy
• Learning and development 
• Sustainability events and community involvement
• Peer recognition program
• Employeeled resource groups
• Remote work from abroad policy
• Meals and Transportation Vouchers (Cobee card)
• Dental Benefits 
• Life & Accident Insurance Private Health Insurance
• Paid employee volunteer day
• Paid moving day 1/year)
• Time off: 1 Community Service Day 1 Personal Day
• Summer Hours in July and August 36 hours per week)
• Hybrid Monthly Allowance for electricity and Internet

Our hiring team looks forward to reviewing your CV in English with a guaranteed response to every application. A new job with purpose awaits you! 

Dont fit all the criteria but still think youd be a good candidate Please apply anyway to give our hiring team the opportunity to assess your skills and to learn more about what you could bring to EcoVadis. Were interested in hiring from a diverse and skilled talent pool regardless of professional and educational background.

Can the hiring process be adjusted to suit my needs Yes. We want everyone going through the hiring process with EcoVadis to feel confident that you are able to demonstrate your full potential. We welcome applications from disabled people people with longterm health conditions and neurodiverse candidates. If you need any adjustments including the provision of interview questions please let the hiring team know.

Our teams strength comes from everyones uniqueness and is founded upon mutual respect. EcoVadis commits to equity inclusion and reducing bias in our hiring processes. EcoVadis does not accept any form of discrimination based on color national or ethnic origin ancestry citizenship religion beliefs age sex gender identity sexual orientation neurodiversity disability parental status or any other protected characteristic that makes you unique. In your application we encourage you to remove personal information such as: photographs marital status number of children religion gender residential postal code university graduation date past medical or parental leave(s) taken nationality (instead please state if you are legally eligible to work in the job region/country) university name (instead please state any degrees obtained and the study major).

Remote Work :

No

Employment Type :

Fulltime