Information Security GRC Analyst

OneTrust · Madrid

Experteer Overview

In this role you will support IT and InfoSec by driving governance, risk, and compliance activities for customer security. You will manage high volumes of security questionnaires and assurance artifacts, drawing on internal evidence to craft accurate responses.

You will engage with cross-functional teams to validate responses, address gaps, and explain security controls to customers. You will also review contracts for security obligations and help translate security commitments into actionable operations, contributing to scalable, evidence-based risk management.

Responsibilities
  • Own end-to-end completion of customer security questionnaires, RFP sections, and assurance artifacts (e.g., SIG, CAIQ, custom questionnaires).
  • Leverage internal evidence repositories to provide accurate, defendable responses.
  • Partner with Sales, Marketing, Customer Success, Security, Engineering, Privacy, Legal, Compliance, and Product to resolve gaps.
  • Present security controls and risk posture to customers and prospects, tailoring depth to technical audiences.
  • Perform security reviews of contracts, DPAs, security addenda, and customer terms; identify obligations and negotiate mitigations with Legal and Security leadership.
  • Track contractual security commitments and ensure they are feasible and aligned with control coverage.
  • Improve efficiency via standardization, playbooks, and updated response libraries.
  • Manage a high volume of concurrent requests with SLAs while maintaining quality.
  • Maintain current evidence, identify control gaps, and suggest process improvements.
Main requirements
  • 2-5 years of experience in information security, security compliance, GRC, or related roles.
  • Experience responding to customer security questionnaires and due diligence requests.
  • Familiarity with frameworks: SOC 2, ISO 27001, NIST, CIS, PCI DSS, HIPAA, GDPR, etc.
  • Strong understanding of security fundamentals (access control, encryption, vulnerability management, secure SDLC, incident response, logging, vendor risk).
  • Experience collaborating cross-functionally (Security, Legal, Privacy, Engineering, Sales).
  • Excellent written and verbal communication; ability to translate controls into customer-ready responses.
  • Strong organizational skills with ability to manage multiple deadlines.
Compensation / Benefits
  • comprehensive healthcare coverage
  • flexible PTO
  • equity RSUs
  • annual performance bonus opportunities
  • retirement account support
  • 14+ weeks paid parental leave
Immediate start
