IT Risk & Control Framework Consultant

As part of the IT Risk & Control Framework team you will actively participate in:

Managing technology and cybersecurity risks from a governance and control framework perspective.

Participating in technology risk assessment processes (RCSA risk assessments gap analysis).

Mapping Risks Controls KPIs/KRIs ensuring traceability and consistency of the control framework.

Analyzing audit findings (internal and/or external) and defining structured remediation plans.

Implementing and monitoring regulatory requirements especially in the areas of:

o DORA

o Operational Resilience

o Business Continuity

Third Party Risk Management (TPRM):

o Third-party controls

o Outsourcing

o Technology providers

Evaluation and improvement of policies procedures and technology standards.

Preparation of:

o Procedures and formal documentation

o Dashboards and executive reporting

o Material for Risk and Technology committees

Preparation of reporting for senior stakeholders in a global environment.

Qualifications :

What are we looking for

High level of English (spoken and written) international environment.

3 years of experience in:

o IT Risk Management with a focus on technology and/or cybersecurity.

o Internal and/or external auditing in technological environments.

Experience in:

o Technological risk assessments (RCSA risk assessments gap analysis).

o RiskControlKRI/KPI mapping.

o DORA operational resilience and business continuity.

o TPRM and third-party risk management.

Experience in document management and reporting:

o Drafting procedures.

o Policy evaluation.

o Participation in committees.

o Preparation of reports for senior stakeholders.

Proficiency in visualization and reporting tools especially Power BI.

Knowledge of Microsoft and ServiceNow environments.

Key Competencies :

Structured thinking and strong control orientation.

Ability to work independently and prioritize in demanding environments.

Ability to interact with multiple stakeholders (IT Risk Compliance Audit).

Clear and effective communication both written and verbal.

Global vision of the technology control framework.

Execution mindset: ability to translate regulations and frameworks into practical solutions.

Proactive attitude eagerness to learn and add value from day one.

Ability to work in a team contributing to a collaborative and positive environment.

We value profiles with a good attitude commitment and a desire for continuous improvement.

Additional Information :

What do we offer you

• Hybrid position based in Málaga Spain
• Possibility to manage work permits.
• Permanent full-time contract.
• Smart Office Pack so that you can work comfortably from home. 
• Training and career development.
• Benefits and perks such as private medical insurance life insurance Language lessons etc
• Possibility to be part of a multicultural team and work on international projects.

If you are passionate about data development & tech we want to meet you!

Remote Work :

No

Employment Type :

Full-time