Governance Risk & Compliance Lead (Madrid - Hybrid)
Governance Risk & Compliance Lead (Madrid - Hybrid)
Posted on :
30-07-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
The company: Our customer is a technology-based startup with solid funding that is in the midst of expansion.
They will hire the selected candidate as an internal and permanent employee based in Madrid but providing services to their global organization.
Description of the position:
Were looking for a Governance Risk & Compliance Lead for its global operations in Madrid. He/She will be responsible for designing and operationalizing the companys governance risk and compliance framework. Reporting to the Head of Information Security he/she will play a critical role in enabling company growth by ensuring regulatory readiness managing risk and embedding security and compliance into business and product operations.
Key Responsibilities and tasks:
Working Experience:
Soft skills:
Education and Training:
Certifications: Not mandatory but preferred
Languages:
Job Conditions:
Job location:Tres Cantos (Madrid). European Union nationality otherwise EU/Spain work permit required as a prerequisite.
Employment Type:Permanent Full Time as internal employee.
Salary:Depending on qualification and experience.
Work from home: Hybrid working model including the possibility of working from home (70%) but according to the specific needs that may arise from the perspective of project development department clients and/or partners.
If you are interested please apply here or send an email to emailprotected including in the subject: Governance Risk & Compliance Lead along with your English CV.
They will hire the selected candidate as an internal and permanent employee based in Madrid but providing services to their global organization.
Description of the position:
Were looking for a Governance Risk & Compliance Lead for its global operations in Madrid. He/She will be responsible for designing and operationalizing the companys governance risk and compliance framework. Reporting to the Head of Information Security he/she will play a critical role in enabling company growth by ensuring regulatory readiness managing risk and embedding security and compliance into business and product operations.
Key Responsibilities and tasks:
- Compliance Programme Development:
- Lead the implementation of GDPR ISO 27001 SOC 2 and NIS 2 compliance programmes with a roadmap aligned to business priorities and client expectations.
- Develop and maintain policies procedures and controls that support certification and audit readiness.
- Coordinate with external auditors consultants and vendors to streamline evidence collection and reporting.
- Risk Management:
- Operationalize the NIST Cybersecurity Framework across the corporate product and operational domains
- Conduct regular risk assessments and maintain a centralized risk register.
- Collaborate with IT Product and Legal teams to ensure risk mitigation strategies are prioritized correctly.
- Governance & Policy Enforcement:
- Establish governance structures for security and compliance decision-making.
- Run regular risk committees and track related actions.
- Maintain and enforce policies such as password management access control and vendor risk.
- Reporting & Communication:
- Provide regular updates to executive leadership on compliance progress risk posture and audit outcomes.
- Develop dashboards and visualizations to communicate timelines and milestones to stakeholders.
- Act as the primary liaison for compliance-related queries from clients partners and regulators.
Working Experience:
- 5 years of Proven Experience in Cybersecurity landscape within cloud-first or SaaS organisations.
- At least 2 years in GRC roles.
- Working experience of GDPR ISO 27001 SOC 2 NIS 2 and NIST CSF.
- Familiarity with compliance automation platforms (e.g. Vanta OneTrust).
- Lead on ISO 27001 SOC2 or GDPR compliance implementation.
- In-depth knowledge of the NIS2 directive.
- Working knowledge of Azure cloud environments.
- Working knowledge of OT security.
Soft skills:
- Excellent communication and stakeholder management skills.
- International work experience working with international teams.
Education and Training:
- Bachelors Degree or vocational training qualification: In information technology or a related field.
Certifications: Not mandatory but preferred
- Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) or ISO 27001 Lead Implementer.
Languages:
- Spanish:Very good Business Spanish required (excellent communication skills). B2/C1 level.
- English:Very good Business English required (excellent communication skills). B2/C1 level.
Job Conditions:
Job location:Tres Cantos (Madrid). European Union nationality otherwise EU/Spain work permit required as a prerequisite.
Employment Type:Permanent Full Time as internal employee.
Salary:Depending on qualification and experience.
Work from home: Hybrid working model including the possibility of working from home (70%) but according to the specific needs that may arise from the perspective of project development department clients and/or partners.
If you are interested please apply here or send an email to emailprotected including in the subject: Governance Risk & Compliance Lead along with your English CV.
Required Experience:
Senior IC
Employment Type
Full-Time
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
