About Spektrum

Spektrum is a delivery-focused organisation specialising in providing high-quality talent, workforce solutions, and service delivery capabilities to support complex client requirements across multiple sectors.

Our operating model is built around three core pillars:

• Talent Acquisition – identifying and securing the right talent

• Workforce Experience & Development – enabling, supporting, and retaining our people

• Service Delivery – ensuring consistent, high-quality execution for our clients

These functions are supported by strong business operations, including finance, compliance, and corporate services, ensuring that all activities are delivered efficiently, securely, and in line with regulatory requirements.

At Spektrum, we operate as an integrated system—aligning hiring, workforce deployment, and delivery to ensure seamless execution and measurable outcomes.

Working at Spektrum

Working at Spektrum means being part of a structured, high-performance environment where clarity, accountability, and continuous improvement are central to how we operate.

We focus on:

• Clear roles and responsibilities aligned to our operating model

• Performance-driven delivery with defined outcomes and measurable impact

• Collaboration across functions to ensure successful client and organisational outcomes

• Continuous development of skills, capability, and expertise

Our people play a critical role in delivering value to clients while contributing to the growth and evolution of the organisation.

Business Operations Manager

The Business Operations Manager is responsible for the execution and coordination of financial operations, corporate governance, compliance, and business administration activities to ensure effective organisational control, regulatory adherence, and operational efficiency. This role supports the full business support lifecycle, including financial management, reporting, compliance monitoring, risk management, and administrative governance, ensuring alignment with organisational objectives and regulatory requirements.

Responsibilities:

• Support financial planning, budgeting, and forecasting processes

• Maintain financial records, reporting structures, and statutory documentation

• Ensure compliance with financial regulations, tax laws, and corporate policies

• Support financial reporting, audits, and statutory filings

• Assist with cash flow management, working capital tracking, and cost control

• Maintain payroll, accounts payable, and accounts receivable processes

• Support implementation and maintenance of financial systems and reporting tools

• Ensure adherence to corporate governance frameworks, policies, and procedures

• Support compliance monitoring, internal audits, and risk assessments

• Maintain document management systems, records retention, and data integrity

• Support vendor and third-party compliance, including due diligence and contract governance

• Assist in compliance training, awareness programs, and internal communications

• Act as a support liaison for auditors, regulators, and external stakeholders

• Monitor regulatory changes, risks, and best practices to support process improvement

• Support collaboration across teams on financial, compliance, and administrative matters

Functional Areas:

• Financial Operations & Reporting
  • Execution of financial processes and reporting activities, including budget tracking, financial reporting, payroll, accounts payable and receivable, and statutory documentation
• Financial Planning & Analysis
  • Support financial planning and performance monitoring, including forecasting, financial analysis, cost tracking, and performance reporting
• Compliance & Governance
  • Ensure adherence to regulatory and corporate requirements through policy adherence, compliance monitoring, audit support, and regulatory tracking
• Risk Management & Internal Controls
  • Support identification and mitigation of financial and operational risks through risk assessments, internal audits, and control monitoring
• Business Administration
  • Maintain administrative processes and governance structures, including documentation management, contract governance, and operational support
• Data & Systems Management
  • Maintain financial and compliance systems and data integrity, including system updates, reporting tools, data accuracy, and record management
• Stakeholder & External Coordination
  • Support coordination with internal and external stakeholders, including auditor coordination, vendor compliance, and cross-functional collaboration
• Process Improvement
  • Enhance operational efficiency and governance processes through workflow optimisation, policy updates, and continuous improvement initiatives

Key Performance Indicators (KPIs):

• Financial Accuracy
  • Accuracy of financial reporting and audit outcomes
• Budget & Cost Control
  • Budget variance and cost management effectiveness
• Compliance & Governance
  • Compliance audit success rate and regulatory adherence
• Risk Management
  • Effectiveness of risk identification and mitigation
• Operational Efficiency
  • Timeliness of reporting and process efficiency improvements
• Data & Systems
  • Accuracy and completeness of financial and compliance data
• Stakeholder Support
  • Responsiveness to internal and external stakeholder needs

Requirements:

• Education & Experience
  • Bachelor’s or Master’s degree in Finance, Accounting, Business Administration, Law, or a related field (or equivalent experience), with 3 years of experience in finance, compliance, business administration, or corporate governance
• Skills & Expertise
  • Strong experience in financial operations, reporting, compliance, risk management, governance frameworks, and administrative processes
• Technical Knowledge
  • Familiarity with financial systems, reporting tools, compliance frameworks, and data management systems
• Right to Work
  • Candidate must have the Right to Work (RTM) in Spain
• Citizenship / Nationality
  • Must have citizenship or nationality of one of the 32 NATO nations

About Insight Assurance
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.

We’re not your traditional audit firm — we’re tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

POSITION SUMMARY

The ISO Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. Working under the supervision of an Auditor, Lead Auditor, or Manager, the ISO Analyst assists in audit planning, evidence review, report preparation, and overall quality assurance.

This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.

KEY RESPONSIBILITIES

General Audit Support

• Ensure that all internal processes are followed correctly and consistently.

• Assist in the creation of audit programs and plans for clients and upcoming audits.

• Support evidence classification, review, and sampling activities.

• Take detailed notes during audits and assist in preparing high-quality reports.

• Send recap and follow-up communications as required.

• Collect statistics and support KPI reporting.

• Communicate effectively with stakeholders at all organizational levels using professional language and terminology.

• Maintain ethics, fairness, and accuracy in all audit documentation and reporting.

• Protect confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.

• Demonstrate professionalism and responsibility in all interactions.

Administrative & Coordination Tasks

• Handle client ingestion and onboarding activities.

• Perform HubSpot data scrubbing and updates.

• Register new engagements in Asana and coordinate Insight ONE transfers (in or out).

• Create SharePoint folders and upload Evidence Lists (EL).

• Follow up on CUP (Client Upload Portal) submissions.

Audit Planning Support (in collaboration with the ISO Manager)

• Follow up on CUP status and pending uploads.

• Send planning call recaps and assist with scheduling.

• Communicate auditor assignments and update Asana tasks.

• Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.

Audit Execution Support (in collaboration with ISO Auditors)

• Ensure auditors have access to necessary GRC platforms and client systems.

Audit Reporting & Quality Assurance (in collaboration with ISO Manager)

• Collect metrics on TAT for archive submissions.

• Register findings in the Universal Registry of Findings.

• Complete archive QA forms and support non-technical QA reviews, including:

  • Audit Report

  • Audit Plan

  • Audit Program

  • Registry of Findings

Certificate & Registry Management

• Handle certificate registration in the appropriate database.

• Maintain IAF CertSearch registrations and updates.

Knowledge Requirements
• Organizational structures, governance, and workplace practices.
• Information and data systems, documentation systems, and IT fundamentals.
• Audit principles, practices, and techniques in accordance with ISO standards.
• Management system standards and normative documents required for certification.
• Certification Body (CB) processes and procedures.
• Industry terminology, practices, and expectations relevant to the client’s business sector.
• Common products, processes, and operations across industries to understand client context.
• Application of management system requirements to various organizational types.
• ISMS-specific documentation structures and interrelationships.
• Information security management tools, methods, and techniques.
• Information security risk assessment and risk management principles.
• ISMS processes and current information security technologies.
• ISO/IEC 27001 requirements and implementation principles.
• ISO/IEC 27002 controls (and sector-specific standards if applicable), including:
• Information security policies
• Organization of information security
• Human resource security
• Asset management
• Access control and authorization
• Cryptography
• Physical and environmental security
• Operations and IT service security
• Communications and network security
• System acquisition, development, and maintenance
• Supplier relationships and outsourced services
• Information security incident management
• Business continuity and redundancy planning
• Compliance and information security reviews
• Legal and regulatory requirements in information security by geography and jurisdiction.
• Information security risks and technologies relevant to the client’s industry.
• The impact of organization size, structure, and governance on ISMS implementation.
• Legal and regulatory requirements applicable to products or services.

Key Competencies
• Attention to detail and analytical thinking
• Written and verbal communication
• Integrity, confidentiality, and professionalism
• Understanding of ISO/IEC 27001 and 27002 standards
• Organizational and time management skills
• Team collaboration and adaptability
• Continuous learning and improvement mindset

What We Offer
• Opportunity to work with global experts in cybersecurity and ISO assurance.
• Exposure to top-tier clients and diverse industries.
• Professional development and certification support.
• Collaborative and remote-friendly work environment.
• Competitive compensation and growth opportunities.

 Privacy Notice CCPA: 

• Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
• Insight Assurance does not sell personal data/information under any circumstances.
• You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602

Privacy Notice GDPR:

This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.

We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.

When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.

We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.

The categories of Personal Data under Processing consist of:

• Identification
• Contact
• Education and Professional
• Interview performance
• Evaluation

You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:

• Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know;
• Right of Erasure – you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
• Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
• Rectification – you can rectify your Personal Data at anytime 

About the role:

The Information Security, Risk & Compliance Specialist will play a key role in developing and executing the information security and cybersecurity compliance roadmap, focusing on maintaining key certifications such as ISO 27001, ENS, among others and driving the company’s commitment to achieving the highest security standards. 

The successful candidate will work closely with internal teams to review and maintain information security policies, conduct risk assessments, ensure alignment with governance frameworks and to manage and respond to security questionnaires. Furthermore, it will assist in preparing for external audits and actively work to strengthen the organization's security posture by identifying areas for compliance improvement. The position requires a solid understanding of security frameworks, governance processes, and risk management to ensure the organization's certifications and policies remain up to date.

Join us if you thrive in a fast-paced environment and are excited about pushing the boundaries of what's possible. This is an opportunity to have a real impact in a high-growth global category leader.

What would you do at Fever?

On your first month in Fever:

• You will be fully integrated into the team. You will participate in planning and follow-up meetings with other areas.
• You will have met the departments of Fever.
• You will get familiar with Fever's technological structure and ecosystem (applications, infrastructure, architecture, etc.)
• You will get familiar with Fever’s Information Security and Cyber Security Programme, GRC tools and documentation.

After 3 months in Fever:

• You will participate in the review and development of the documentation framework and standards.
• You will start collaborating with various internal teams in the preparation and response to security questionnaires and/or requirements.
• You will perform due diligence reviews on third-party vendors and service providers to evaluate their cybersecurity posture.
• You will start participating in the risk management process for information security and cybersecurity risks.

On your 6th month in Fever:

• You will develop a solid understanding of the information security and cybersecurity program, including its standards, governance structure and risk management methodology.
• You will manage processes related to security questionnaires and requirements coordinating with both internal and external stakeholders.
• You will manage the cybersecurity review process for third-party vendors.
• You will have full visibility into the compliance roadmap and actively participate in achieving its objectives.

Qualifications:

Must have:

• Bachelor or Master’s Degree in Computer Science, Information Security, Risk Management or another similar relevant degree (or equivalent experience in an GRC Security role).
• 4+ years of relevant experience on Information Security, Governance, Risk and Compliance projects, managing or owning the execution of the projects.
• Strong understanding of security frameworks and standards, such as ISO 27001, NIST, SOC2, or similar.
• Strong understanding of Cloud environments.
• Proven experience in conducting security assessments, risk assessments and security vendors review.
• Analytical skills, autonomy and accountability.
• Fluent in english.
• Excellent communication skills.

It would be a plus if you have:

• Relevant technical and industry certifications are a plus (e.g. CISA, CISM, ISO 27001 Lead Implementer/Auditor, CISSP, CRISC, etc).
• Familiarity with cybersecurity tools and technologies (e.g., vulnerability assessment tools, incident response and alerting platforms, etc).

Benefits & Perks

• Opportunity to have a real impact in a high-growth global category leader
• 40% discount on all Fever events and experiences
• Position based in Madrid, home office friendly.
• Relocation package for international candidates
• Responsibility from day one and professional and personal growth
• Great work environment with a young, international team of talented people to work with!
• Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee.
• English Lessons
• Gympass Membership
• Possibility to receive in advance part of your salary by Payflow.
• Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance.