
Job Description
About the Role
Are you motivated to work in the field of regulatory compliance within a rapidly growing technology company?
At isEazy, we are looking for a Governance, Risk & Compliance Specialist to strengthen our compliance and security framework, ensuring the maintenance of our management systems and proper preparation for audits. You will also have continuous support from an external specialized consultant who will guide you in key areas of compliance, ENS, and security regulations.
Key Responsibilities
- Develop, maintain, and improve documentation for ISO 27001, ISO 20000, and ENS management systems.
- Prepare internal and external audits (ISO 27001, ISO 20000, and ENS).
- Participate in meetings with auditors and certifying bodies as the primary interlocutor.
- Prepare and validate compliance and security documentation requested by clients (specifications, RFP/RFI, questionnaires, contractual addendums, etc.).
- Serve as an internal reference for RGPD matters, coordinating with an external consultant (DPO) when applicable.
- Collaborate closely with other departments to ensure alignment with best practices and reference standards.
Required Profile
- Solid experience in regulatory compliance within technological environments.
- University degree in Computer Engineering, Telecommunications, or similar. Other technical or legal degrees with demonstrable experience in GRC will be valued.
- Experience maintaining already implemented ISO 27001 and/or ISO 20000 certifications.
- Experience as the primary interlocutor in external audits.
- Experience in defining or improving security processes.
- Methodical, organized, results-oriented profile with strong communication skills.
Highly Valued Skills
- Certifications such as ISO 27001 Lead Implementer/Lead Auditor, CISM, CISSP, ITIL.
- Previous experience working with ENS.
- Practical knowledge of RGPD applied to product and operation.
- Experience in SaaS companies or cloud environments.
What We Offer
- Integration into a stable and constantly expanding project.
- Work in an innovative and dynamic technological environment.
- 40-hour work week from Monday to Friday, with 3 days of intensive schedule and 2 days of split schedule throughout the year.
- 100% remote work, with the possibility to attend the Madrid offices when desired.
If you are excited to take on a strategic role with real autonomy, specialized support, and direct responsibility for the compliance of an expanding SaaS company, this could be your next great professional challenge.
Key skills/competency
- Governance
- Risk Management
- Compliance
- ISO 27001
- ISO 20000
- ENS (National Security Scheme)
- RGPD (GDPR)
- Information Security
- Auditing
- SaaS Environments
How to Get Hired at isEazy
- Research isEazy's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
- Customize your resume: Highlight your solid experience in regulatory compliance, ISO 27001, ISO 20000, ENS, and RGPD within SaaS or cloud environments.
- Showcase audit leadership: Prepare to discuss your experience as a primary interlocutor in external audits and your ability to manage compliance documentation.
- Emphasize technical GRC knowledge: Be ready to detail your practical knowledge of information security, data protection, and process improvement.
- Demonstrate strong communication: As a key liaison with auditors and internal departments, effective communication is crucial for this Governance, Risk & Compliance Specialist role.