Security Compliance Specialist

Position Summary

The Security Compliance Specialist will be responsible for ensuring ongoing compliance with security frameworks and privacy regulations, including ISO 27001, SOC 2, NIST, CIS, GDPR, and related requirements. This is a hands-on technical role requiring the ability to gather, analyze, and validate compliance evidence from IT systems, applications, and security tools.

The specialist will work closely with IT, Security, and GRC teams to maintain compliance posture, support internal and external audits, and contribute to continuous improvement of controls and processes. While primarily internally focused, this role may also involve responding to customer security questionnaires or supporting audit interactions. The position requires strong technical knowledge, familiarity with system administration, and the ability to use monitoring and log analysis tools such as Splunk to validate security controls.

Responsibilities

• Operate and maintain security compliance processes across ISO 27001, SOC 2, NIST, CIS, GDPR, and other relevant frameworks.
• Collect, analyze, and validate technical compliance evidence from systems, applications, and security platforms.
• Use SIEM and other monitoring tools to review logs, configurations, and control effectiveness.
• Support internal and external audits by preparing evidence, coordinating with stakeholders, and responding to auditor requests.
• Contribute to security control testing, system hardening reviews, and validation of technical baselines.
• Collaborate with internal stakeholders to ensure compliance requirements are integrated into operations and projects.
• Support responses to customer security questionnaires and due diligence requests as needed.
• Maintain documentation of compliance processes, evidence repositories, and audit history.
• Monitor changes in regulatory and framework requirements, recommending updates to controls or processes as required.
• Assist in developing metrics and reports on compliance status for leadership review.

Required Skills And Experience

• 5–7 years of experience in IT administration, security operations, or compliance roles.
• Strong understanding of security frameworks and regulations: ISO 27001, SOC 2, NIST CSF, CIS, GDPR, and related privacy requirements.
• Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, Elastic) for compliance and security validation.
• Background in IT system administration (Windows, Linux, or cloud environments) with knowledge of security controls and configurations.
• Familiarity with common cybersecurity domains: access control, logging/monitoring, vulnerability management, and incident response.
• Experience preparing compliance evidence and supporting audits.
• Strong analytical and problem-solving skills, with attention to detail.
• Ability to collaborate effectively with internal stakeholders to achieve compliance objectives.
• Effective communication skills, with the ability to explain technical compliance evidence to non-technical stakeholders and, when required, to customers.
• Relevant certifications (e.g., CompTIA Security+, CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or SIEM certifications) are an advantage.
• English language fluency (written and spoken).

Key Technologies

• SIEM Platforms: Splunk, Microsoft Sentinel, QRadar, Elastic, or equivalent.
• System Administration: Windows Server, Active Directory, Linux, and cloud platforms (AWS, Azure, Oracle).
• Vulnerability & Compliance Tools: Qualys, Tenable, CIS benchmark tools, or equivalent.
• Other platforms: SharePoint, Confluence, ServiceNow.

Mandatory Requirements

• Nationality or Work Authorization: Spanish nationality, or alternatively a permanent work permit/VISA for Spain.
• Language Proficiency: Advanced level of Spanish and English (both written and spoken).

Why Syntax?

Become a part of our success story and work in a company with exciting innovation projects that are causing a stir across the industry. We recently launched one of the world's most advanced manufacturing facilities based on SAP S/4HANA Cloud and SAP Digital Manufacturing Cloud for Execution - for Smart Press Shop, a pioneering joint venture between Porsche and forming specialist Schuler.

Competitive, above-average compensation

Global tourist: With us, you can also work from abroad from time to time

Flexible working time models, home office

Attractive benefits, e.g. various health offers

A modern environment in which the "you" is part of it

Open feedback culture, flat hierarchies and a motivated team

Individual career planning with continuous training and coaching on the job

Benefits

• Flexible hours, Monday to Thursday 8h, and Fridays.... 6h. In addition, the whole month of August and the first half of September we have an intensive timetable.
• 28 days holiday (23 days holiday + 4 days at Christmas from 15 December to 15 January + 1 day for your birthday)!
• Windows laptop for work (Dell or Lenovo)!
• Apple or Android smartphone...you choose!
• Two lovely offices with a nice garden to relax and have a coffee
• Free coffee and soft drinks
• Kitchen facilities
• Medical insurance with Sanitas
• Training: Free AWS and SAP certifications, internal workshops and free access to Linkedin E-learning
• Free online English, German, Spanish or French classes through a platform
• Online Canteen 2.0

Key skills/competency

• ISO 27001
• SOC 2
• NIST CSF
• GDPR Compliance
• SIEM Platforms
• Audit Support
• Vulnerability Management
• System Hardening
• Log Analysis
• Risk Management