Scopely is looking for a Senior Security Compliance Engineer to join our Information Security team in Barcelona on a hybrid basis working 2 days a week from the hub.

At Scopely, we care deeply about what we do and want to inspire play, every day - whether in our work environments alongside our talented colleagues, or through our deep connections with our communities of players. We are a global team of game lovers who are developing, publishing and innovating the mobile games industry, connecting millions of people around the world daily. 

The IT/Ops team keeps everything behind the scenes running smoothly and we make sure all teams are equipped and connected - whether across the office or halfway around the world. AV struggles? Don’t worry, we’ve got this.

What You Will Do 

In this role, you will help design, build, and scale privacy-aware and compliance systems across a global technology organization. You will combine technical execution with a strong understanding of privacy and regulatory requirements to build practical, reliable solutions that support both the business and our players.

You will work closely with cross-functional partners across Security, Legal, Engineering, Product, and Player Experience to embed privacy by design into systems, services, and workflows. This is an exciting opportunity for someone who enjoys solving complex problems, building automation, and turning privacy requirements into scalable engineering solutions.

• Embed privacy by design into product, platform, and operational workflows
• Design, build, and improve privacy engineering capabilities that support data subject rights requests, data lifecycle management, and regulatory compliance
• Translate legal and regulatory requirements into technical requirements, engineering patterns, and actionable implementation guidance
• Build and maintain tools, services, and automations in Python to support privacy and compliance operations
• Support workflow orchestration and automation using Temporal or similar platforms
• Work in AWS and similar environments to operate secure, scalable, and reliable privacy-related systems and integrations
• Write and deploy SQL to archive or purge data, and to locate, review, and document data for privacy requirements
• Partner with engineers and architects to implement data solutions that enable the business while protecting sensitive data
• Conduct privacy assessments, identify risks, and help drive mitigation efforts through tools, training, and guidance
• Review new systems, features, and data flows for privacy impact, and partner with teams to design technical controls that reduce privacy risk
• Partner with product and engineering teams to design privacy-preserving solutions, including controls for data minimization, retention, deletion, and access
• Manage projects and enhancements from requirements gathering through delivery and stakeholder communication
• Improve documentation, reporting, evidence collection, and operational processes that support broader compliance efforts
• Identify opportunities to reduce manual work, improve data quality, and strengthen consistency through automation

What We’re Looking For 

• 5+ years of experience in information security, privacy, compliance, or a related technical role
• Hands-on experience building or maintaining solutions in Python
• Strong background in software engineering, backend systems, security, data engineering, or data architecture
• Experience with AWS and cloud-based architectures
• Experience with Temporal or similar workflow orchestration tools
• Working knowledge of APIs, JSON, SQL, and related technical tooling
• Strong understanding of privacy engineering principles, privacy by design, and technical implementation of data subject rights and data lifecycle controls
• Working knowledge of privacy regulations such as GDPR
• Familiarity with security and compliance frameworks such as ISO 27001, NIST, or COBIT.
• Experience working cross-functionally with Legal, Security, Product, and Engineering teams
• Strong communication skills, including the ability to explain technical concepts to non-technical audiences
• Strong organisational skills and the ability to manage multiple priorities in a fast-paced, global environment
• Excellent analytical, problem-solving, and collaboration skills
• Experience leveraging or building AI-enabled tools to enhance GRC processes, including developing AI assistants or automation workflows to improve regulatory monitoring, documentation, and control oversight
• Ability to navigate ambiguity, balance risk, and quickly learn new technologies
• Experience working with data systems and large datasets, including understanding data flows, retention, deletion, and access patterns

Bonus Points 

• Experience with DSR, DSAR, or privacy operations platforms
• Graduate-level study in privacy engineering
• Experience in gaming, entertainment, or another consumer technology environment
• Experience working with internationally distributed teams
• Certifications such as CIPT, CIPP, CIPM, CISSP, CISA, CRISC, or FAIR

At Scopely, we create games for everyone - and want to ensure that the people behind our games reflect that!   We are committed to creating a diverse, supportive work environment where everyone is treated with respect. We are committed to providing equal employment opportunities and welcome individuals from all backgrounds to join us & embrace the adventure!

Employment at Scopely is based solely on a person's merit and qualifications. Scopely does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law. We also consider qualified applicants with arrest or conviction records, consistent with applicable federal, state and local law.

This role will have access to sensitive and/or confidential employee or customer personally identifiable information (PII) and/or Company financial information, and therefore will be subject to background checks upon receiving a conditional offer of employment.    

The Challenge

With growth comes commercial complexity. Our EMEA business spans dozens of markets, currencies, and contract frameworks, and our GTM teams move fast. As our Senior Manager of Order Management in Madrid, you'll be the commercial anchor for the region, the person GTM turns to when deals get complicated, when structure matters, and when quality can't be compromised. You'll lead a team of Deal Desk Analysts, operate with autonomy, and set the standard for what great deal execution looks like. This isn't a back-office support role. It's a seat at the commercial table.

Your Mission

As the commercial backbone of EMEA Deal Desk, you will:

• Build, coach, and develop a high-performing team of Deal Desk Analysts, setting clear expectations, creating development paths, and fostering a culture where your team makes decisions with confidence.

• Serve as the primary Deal Desk partner to EMEA GTM leadership, from front-line AEs to Regional VPs and SVP, bringing commercial expertise to strategic deals, QBRs, and forecast conversations.

• Drive deal quality, consistency, and velocity across the region, owning the standard for how deals are structured, reviewed, and approved.

• Lead complex deal structuring, including multi-year terms, ramps, co-terms, restructures, and non-standard commercial arrangements, guiding your team and escalating with judgment.

• Influence governance and approval workflows, establishing clear guardrails while empowering your team to move fast within them.

• Champion AI-native deal workflows, identifying where AI can accelerate deal review, improve consistency, and reduce manual effort, and then actually building those workflows with your team.

• Partner closely with Legal, Finance, and Order Operations on high-complexity or high-risk deals, bridging the gap between commercial intent and contractual execution.

• Bring structure and repeatability to deal processes, documenting business rules, identifying gaps, and continuously raising the bar on how the team operates.

• Operate as a true peer to GTM leadership, not just a support function. You have a point of view on deal strategy.

• Collaborate with the Order Management Director and global OM leadership to align regional practices with global standards and drive cross-regional consistency.

You Are

A commercially sharp, calm-under-pressure leader who knows how to build trust. You coach your team with intention; you don't just fix problems, you build capability. You're decisive when it matters, curious when it doesn't, and you know how to operate across cultures and time zones. You've earned credibility with Sales teams not by saying yes to everything, but by being an expert on deal structure. You hold the line when it matters and find creative paths when it doesn't.

You don't just use AI tools, you build a team around them. You see AI as a genuine competitive advantage for your team, and you bring your analysts along with you. Whether it's automating a review workflow, using AI to accelerate contract redlines, or building a playbook with AI assistance, you lean in. You're not waiting for the company to mandate AI adoption. You're already there.

Your Experience Includes

• 4+ years of experience in Deal Desk or Order Management, with 1+ years in a people leadership role

• Proven track record of building and coaching high-performing Deal Desk teams

• Advanced expertise in complex deal structuring: ramps, co-terms, multi-year, cancel & replace, true-ups, and restructures

• Deep fluency in revenue metrics: ARR, ACV, TCV, and Churn, and the ability to explain them clearly to any audience

• Strong contract literacy, comfortable reading, interpreting, and drafting T&Cs and order forms

• EMEA commercial experience, multi-currency deals, regional pricing nuances, and awareness of local compliance requirements

• Embraces AI as part of everyday work, using enterprise tools confidently to move faster, work smarter, and raise the bar for the team.

• Advanced knowledge of CPQ platforms (e.g., Salesforce CPQ, DealHub, Zuora CPQ, or equivalent)

• Advanced knowledge of Quote-to-Bill systems and end-to-end deal lifecycle processes

• Strong cross-functional stakeholder management, comfortable influencing Legal, Finance, Sales Ops, and GTM leadership without direct authority

• Excellent written and verbal communication skills in English; Spanish is a strong advantage

• Bilingual in English and Spanish, able to support commercial conversations and contract review in both languages

• Bachelor's degree in Finance, Business Administration, Accounting, or equivalent experience

Extra Awesome

• Demonstrated ability to adopt, champion, and scale AI tools in a professional Deal Desk environment

• Experience in privacy, trust, GRC, or compliance SaaS, you understand the space and the customer

• Hands-on experience with AI prompt engineering or building AI-assisted workflows in a commercial context

• Can build reports and dashboards in Salesforce and Excel; Power BI or equivalent analytics experience

• Familiarity with CLM solutions (e.g., Ironclad) and how they integrate into the deal workflow

• Exposure to CPQ evaluation, vendor assessment, or tooling migration, you've helped choose and implement the tools you work in

• Background in a high-growth SaaS company

• Experience maintaining and evolving a Deal Desk playbook, business rules repository, or deal approval matrix

Position Overview 

The Solutions Sales Executive will play an instrumental role in driving revenue growth across existing and new accounts for Diligent’s solutions. 

This role will operate as a European overlay specialist focused on the Office of the CISO, driving cross-sell expansion across IT & Third-Party Risk solutions within the existing customer base. The role partners closely with Account Managers who hold the territory number, leading CISO-aligned opportunity strategy, executive engagement, and complex deal execution. 

Primary focus is expansion within enterprise and upper mid-market customers across Europe (excluding UKI, France, BeNeLux, and Netherlands). 

Key Responsibilities 

• Drive cross-sell revenue growth across IT Vendor Risk, Third-Party Risk, IT Risk Management, IT Compliance, Operational Resilience, and 3rd Risk solutions. 
• Lead sales cycles with CISOs, CIOs, and senior IT Risk / InfoSec stakeholders. 
• Develop compelling business cases aligned to regulatory drivers (e.g., NIS2, DORA, ISO 27001) and cyber risk exposure. 
• Manage complex enterprise sales cycles using MEDDICC methodology. 
• Partner with Account Managers to develop expansion strategy and increase win rates. 
• Maintain accurate pipeline management, forecasting, and SFDC hygiene. 
• Develop deep expertise in Diligent’s IT & Third-Party Risk portfolio. 
• Support regional pipeline development initiatives. 

Required Experience / Skills 

• 7–10+ years of enterprise SaaS sales experience. 
• Proven success selling into CISOs or senior IT Risk / InfoSec stakeholders. 
• Experience in Third-Party Risk, IT GRC, Cyber Risk, Operational Resilience, or Vendor Risk solutions preferred. 
• Demonstrated track record closing $50K+ ARR enterprise opportunities. 
• Strong executive presence and financial acumen. 
• Experience operating in overlay or matrix sales environments preferred. 
• Strong collaboration, communication, and stakeholder management skills. 

Position Overview 

The Solutions Sales Executive will play an instrumental role in driving revenue growth across existing and new accounts for Diligent’s solutions. 

This role will operate as a European overlay specialist focused on the Office of the CISO, driving cross-sell expansion across IT & Third-Party Risk solutions within the existing customer base. The role partners closely with Account Managers who hold the territory number, leading CISO-aligned opportunity strategy, executive engagement, and complex deal execution. 

Primary focus is expansion within enterprise and upper mid-market customers across Europe (excluding UKI, France, BeNeLux, and Netherlands). 

Key Responsibilities 

• Drive cross-sell revenue growth across IT Vendor Risk, Third-Party Risk, IT Risk Management, IT Compliance, Operational Resilience, and 3rd Risk solutions. 
• Lead sales cycles with CISOs, CIOs, and senior IT Risk / InfoSec stakeholders. 
• Develop compelling business cases aligned to regulatory drivers (e.g., NIS2, DORA, ISO 27001) and cyber risk exposure. 
• Manage complex enterprise sales cycles using MEDDICC methodology. 
• Partner with Account Managers to develop expansion strategy and increase win rates. 
• Maintain accurate pipeline management, forecasting, and SFDC hygiene. 
• Develop deep expertise in Diligent’s IT & Third-Party Risk portfolio. 
• Support regional pipeline development initiatives. 

Required Experience / Skills 

• 7–10+ years of enterprise SaaS sales experience. 
• Proven success selling into CISOs or senior IT Risk / InfoSec stakeholders. 
• Experience in Third-Party Risk, IT GRC, Cyber Risk, Operational Resilience, or Vendor Risk solutions preferred. 
• Demonstrated track record closing $50K+ ARR enterprise opportunities. 
• Strong executive presence and financial acumen. 
• Experience operating in overlay or matrix sales environments preferred. 
• Strong collaboration, communication, and stakeholder management skills.

About Insight Assurance
Insight Assurance is a global audit firm on a mission to transform how organizations achieve cybersecurity and compliance. Founded by former Big 4 (EY) professionals, we deliver next-generation audit services across SOC 2, ISO 27001, PCI DSS (QSA), HITRUST, CMMC (C3PAO), and FedRAMP (3PAO) frameworks.

We’re not your traditional audit firm — we’re tech-enabled, leveraging compliance automation and advanced collaboration tools to make audits faster, smarter, and more impactful for our clients.

Recognized on the Inc. 5000 and Fast 50 lists, Insight Assurance is one of the fastest-growing global audit firms, with 170+ professionals supporting nearly 2,000 clients across the Americas, EMEA, and APAC.

POSITION SUMMARY

The ISO Analyst supports the audit and assurance teams in performing ISO 27001 certification assessments and related information security audits. Working under the supervision of an Auditor, Lead Auditor, or Manager, the ISO Analyst assists in audit planning, evidence review, report preparation, and overall quality assurance.

This role requires strong attention to detail, effective communication skills, and a foundational understanding of management systems and information security principles.

KEY RESPONSIBILITIES

General Audit Support

• Ensure that all internal processes are followed correctly and consistently.

• Assist in the creation of audit programs and plans for clients and upcoming audits.

• Support evidence classification, review, and sampling activities.

• Take detailed notes during audits and assist in preparing high-quality reports.

• Send recap and follow-up communications as required.

• Collect statistics and support KPI reporting.

• Communicate effectively with stakeholders at all organizational levels using professional language and terminology.

• Maintain ethics, fairness, and accuracy in all audit documentation and reporting.

• Protect confidentiality of personally identifiable information (PII) and intellectual property (IP) belonging to both the firm and clients.

• Demonstrate professionalism and responsibility in all interactions.

Administrative & Coordination Tasks

• Handle client ingestion and onboarding activities.

• Perform HubSpot data scrubbing and updates.

• Register new engagements in Asana and coordinate Insight ONE transfers (in or out).

• Create SharePoint folders and upload Evidence Lists (EL).

• Follow up on CUP (Client Upload Portal) submissions.

Audit Planning Support (in collaboration with the ISO Manager)

• Follow up on CUP status and pending uploads.

• Send planning call recaps and assist with scheduling.

• Communicate auditor assignments and update Asana tasks.

• Collect and report metrics on Turnaround Time (TAT) for audit plan delivery.

Audit Execution Support (in collaboration with ISO Auditors)

• Ensure auditors have access to necessary GRC platforms and client systems.

Audit Reporting & Quality Assurance (in collaboration with ISO Manager)

• Collect metrics on TAT for archive submissions.

• Register findings in the Universal Registry of Findings.

• Complete archive QA forms and support non-technical QA reviews, including:

  • Audit Report

  • Audit Plan

  • Audit Program

  • Registry of Findings

Certificate & Registry Management

• Handle certificate registration in the appropriate database.

• Maintain IAF CertSearch registrations and updates.

Knowledge Requirements
• Organizational structures, governance, and workplace practices.
• Information and data systems, documentation systems, and IT fundamentals.
• Audit principles, practices, and techniques in accordance with ISO standards.
• Management system standards and normative documents required for certification.
• Certification Body (CB) processes and procedures.
• Industry terminology, practices, and expectations relevant to the client’s business sector.
• Common products, processes, and operations across industries to understand client context.
• Application of management system requirements to various organizational types.
• ISMS-specific documentation structures and interrelationships.
• Information security management tools, methods, and techniques.
• Information security risk assessment and risk management principles.
• ISMS processes and current information security technologies.
• ISO/IEC 27001 requirements and implementation principles.
• ISO/IEC 27002 controls (and sector-specific standards if applicable), including:
• Information security policies
• Organization of information security
• Human resource security
• Asset management
• Access control and authorization
• Cryptography
• Physical and environmental security
• Operations and IT service security
• Communications and network security
• System acquisition, development, and maintenance
• Supplier relationships and outsourced services
• Information security incident management
• Business continuity and redundancy planning
• Compliance and information security reviews
• Legal and regulatory requirements in information security by geography and jurisdiction.
• Information security risks and technologies relevant to the client’s industry.
• The impact of organization size, structure, and governance on ISMS implementation.
• Legal and regulatory requirements applicable to products or services.

Key Competencies
• Attention to detail and analytical thinking
• Written and verbal communication
• Integrity, confidentiality, and professionalism
• Understanding of ISO/IEC 27001 and 27002 standards
• Organizational and time management skills
• Team collaboration and adaptability
• Continuous learning and improvement mindset

What We Offer
• Opportunity to work with global experts in cybersecurity and ISO assurance.
• Exposure to top-tier clients and diverse industries.
• Professional development and certification support.
• Collaborative and remote-friendly work environment.
• Competitive compensation and growth opportunities.

 Privacy Notice CCPA: 

• Insight Assurance shares your personal data/information with Greenhouse recruiting because this is the tool we use for the recruitment process.
• Insight Assurance does not sell personal data/information under any circumstances.
• You may exercise your rights under personal data protection legislation by reaching out to us via: HR@insightassurance.com or submit a request via mail at 400 N Tampa St. 15th Floor Suite 122, Tampa, FL 33602

Privacy Notice GDPR:

This notice informs you about the categories of Personal Data/ Information and the Purpose and Scope of Processing Activities to be undertaken by Insight Assurance (we, us, our), under its job application and recruitment process.

We resort to Greenhouse.com as the platform that supports our recruitment process, and therefore your Personal Data/ Information will be Processed on this tool (hosted, shared with, cross-referenced, accessed by our team); we have in place contractual terms and the commitment of Greenhouse.com that ensures the Security and Confidentiality plus Purpose limitation with regards to the Processing of your Personal Data.

When you reply to one of your job postings, you voluntarily and freely submit your Personal Data to us; this, allied with the fact that the Processing by us (and over Greenhouse.com) of that Personal Data has the sole Purpose of validating your application and proceeding with the inherent scrutiny and decision, allows us to argue having Legitimate Interest as the applicable Legal Basis to undertake the Processing of your Personal Data under this scope.

We are a U.S. based company, hence some or all Personal Data pertaining to you will be hosted in the U.S.

The categories of Personal Data under Processing consist of:

• Identification
• Contact
• Education and Professional
• Interview performance
• Evaluation

You may exercise several Rights as determined under applicable Personal Data Protection legislation, in short:

• Right of Access – meaning getting information about the Personal Data under Processing by us, except for the information you already know;
• Right of Erasure – you may ask for us to erase all Personal Data pertaining to you under Processing; this may imply you being excluded from the recruitment process, for without information we cannot proceed with it;
• Right of Opposition or Restriction of Processing – you may ask us to stop some Processing or restrict the Processing of some Personal Data, this may imply you being excluded from the recruitment process, at our sole discretion also for without information we cannot proceed with it;
• Rectification – you can rectify your Personal Data at anytime 

The Challenge

We are looking for a dynamic Information Security GRC Analyst to support IT and InfoSec by performing various governance, risk, and compliance activities as part of the OneTrust InfoSec GRC team.

Your mission

• Customer Security Assurance & Questionnaires
  
  
• • Own a high volume of end-to-end completion of customer security questionnaires (CAQs), RFP security sections, and other assurance artifacts (e.g., SIG, CAIQ, custom questionnaires).

  • Provide accurate, consistent, and defensible responses by leveraging internal evidence repositories (SOC reports, ISO certificates, policies, standards, diagrams, pen test summaries, etc.).

  • Partner with internal stakeholders (Sales, Marketing, Customer Success, Security, Engineering, Privacy, Legal, Compliance, Product) to validate responses and resolve gaps.

• Customer Engagement & Security Discussions

  • Meet with customers and prospects to explain security controls, risk posture, and compliance commitments.

  • Present security topics with confidence and clarity—tailoring depth for technical and non-technical audiences.

  • Support Sales and Customer Success by addressing security objections, clarifying customer audit scope, and enabling procurement cycles.

• Contract & Security Review

  • Perform security reviews of contracts, DPAs, security addenda, and customer security terms.

  • Identify security requirements, non-standard obligations, and risk areas; propose mitigations and collaborate with Legal and Security leadership on negotiation positions.

  • Track contractual security commitments and help ensure they are operationally feasible and aligned with control coverage.

• Operational Excellence

  • Improve team efficiency through standardization, playbooks, and continuous refinement of response libraries.

  • Demonstrated ability to manage, prioritize, and execute a high volume of concurrent requests with accuracy and consistency, while meeting SLAs and maintaining quality standards in a fast-paced environment.

  • Contribute to internal readiness by keeping evidence current, identifying control documentation gaps, and recommending process improvements.

You Are

• • 2-5 years of relevant experience in information security, security compliance, GRC, security assurance, third-party risk, or customer trust functions.

  • Demonstrated experience responding to customer security questionnaires and security due diligence requests.

  • Familiarity with common frameworks and attestations: SOC 2, ISO 27001, NIST, CIS, PCI DSS, HIPAA, GDPR, etc.

  • Strong understanding of security fundamentals (e.g., access control, encryption, vulnerability management, secure SDLC, incident response, logging/monitoring, vendor risk).

  • Experience collaborating cross-functionally (Security, Legal, Privacy, Engineering, Sales).

  • Excellent written and verbal communication skills—able to translate technical controls into clear, customer-ready responses.

  • Strong organizational skills and ability to manage multiple requests with competing deadlines.

• Preferred / Nice-to-Have

  • Industry certifications such as CISA and/or CISM (or equivalent).

  • Experience reviewing/negotiating security contract terms, security addendums, and customer assurance language.

  • Background in SaaS/cloud security assurance or supporting enterprise customers.

• Core Competencies

  • Customer-oriented mindset with the ability to maintain security rigor while enabling business outcomes.

  • Risk-based thinking—knows when to escalate, when to propose mitigations, and how to document decisions.

  • Attention to detail and commitment to consistency, defensibility, and evidence-based responses.

  • Comfort with ambiguity and strong ability to drive outcomes in a fast-paced environment.

  • High-Throughput Execution – Ability to efficiently manage and deliver a high volume of security assurance requests while maintaining quality, accuracy, and timeliness.

• What Success Looks Like (First 90 Days)

  • Independently handles a steady volume of questionnaires with high accuracy and improved cycle times.

  • Builds trusted partnerships with Legal/Privacy/Security to streamline approvals and escalations.

  • Leads customer security calls effectively and contributes to deal progression.

  • Establishes reusable response patterns and mentors junior staff to raise overall team quality.

About the role:

The Information Security, Risk & Compliance Specialist will play a key role in developing and executing the information security and cybersecurity compliance roadmap, focusing on maintaining key certifications such as ISO 27001, ENS, among others and driving the company’s commitment to achieving the highest security standards. 

The successful candidate will work closely with internal teams to review and maintain information security policies, conduct risk assessments, ensure alignment with governance frameworks and to manage and respond to security questionnaires. Furthermore, it will assist in preparing for external audits and actively work to strengthen the organization's security posture by identifying areas for compliance improvement. The position requires a solid understanding of security frameworks, governance processes, and risk management to ensure the organization's certifications and policies remain up to date.

Join us if you thrive in a fast-paced environment and are excited about pushing the boundaries of what's possible. This is an opportunity to have a real impact in a high-growth global category leader.

What would you do at Fever?

On your first month in Fever:

• You will be fully integrated into the team. You will participate in planning and follow-up meetings with other areas.
• You will have met the departments of Fever.
• You will get familiar with Fever's technological structure and ecosystem (applications, infrastructure, architecture, etc.)
• You will get familiar with Fever’s Information Security and Cyber Security Programme, GRC tools and documentation.

After 3 months in Fever:

• You will participate in the review and development of the documentation framework and standards.
• You will start collaborating with various internal teams in the preparation and response to security questionnaires and/or requirements.
• You will perform due diligence reviews on third-party vendors and service providers to evaluate their cybersecurity posture.
• You will start participating in the risk management process for information security and cybersecurity risks.

On your 6th month in Fever:

• You will develop a solid understanding of the information security and cybersecurity program, including its standards, governance structure and risk management methodology.
• You will manage processes related to security questionnaires and requirements coordinating with both internal and external stakeholders.
• You will manage the cybersecurity review process for third-party vendors.
• You will have full visibility into the compliance roadmap and actively participate in achieving its objectives.

Qualifications:

Must have:

• Bachelor or Master’s Degree in Computer Science, Information Security, Risk Management or another similar relevant degree (or equivalent experience in an GRC Security role).
• 4+ years of relevant experience on Information Security, Governance, Risk and Compliance projects, managing or owning the execution of the projects.
• Strong understanding of security frameworks and standards, such as ISO 27001, NIST, SOC2, or similar.
• Strong understanding of Cloud environments.
• Proven experience in conducting security assessments, risk assessments and security vendors review.
• Analytical skills, autonomy and accountability.
• Fluent in english.
• Excellent communication skills.

It would be a plus if you have:

• Relevant technical and industry certifications are a plus (e.g. CISA, CISM, ISO 27001 Lead Implementer/Auditor, CISSP, CRISC, etc).
• Familiarity with cybersecurity tools and technologies (e.g., vulnerability assessment tools, incident response and alerting platforms, etc).

Benefits & Perks

• Opportunity to have a real impact in a high-growth global category leader
• 40% discount on all Fever events and experiences
• Position based in Madrid, home office friendly.
• Relocation package for international candidates
• Responsibility from day one and professional and personal growth
• Great work environment with a young, international team of talented people to work with!
• Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee.
• English Lessons
• Gympass Membership
• Possibility to receive in advance part of your salary by Payflow.
• Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance.