IT Security Analyst – Governance, Risk & Compliance (GRC)

Posted Today by 1761825043

Negotiable
Undetermined
Hybrid
Barcelona, Spain

Summary: The IT Security Analyst (GRC) role involves supporting European cybersecurity operations for a global technology and engineering group. The position focuses on enhancing security governance, risk management, and compliance, ensuring alignment with international standards. The candidate will play a crucial role in fostering a strong security culture across multiple entities. This is a hybrid contract position based in Barcelona, with options for remote work across Spain or Portugal.

Key Responsibilities:

  • Strengthen and maintain the Information Security Management System (ISMS) aligned to ISO 27001.
  • Oversee risk assessments, remediation, and monitoring across European subsidiaries.
  • Implement and track compliance controls and support internal/external audits.
  • Respond to security and compliance requests from business and project teams.
  • Deliver security awareness initiatives and support international security projects.

Key Skills:

  • 5+ years’ experience in security governance or compliance.
  • Strong knowledge of ISO 27001, ENS, TISAX, or NIST frameworks.
  • Background in risk management and control implementation.
  • Excellent English communication skills; French or Spanish is a plus.
  • Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer are desirable.

Salary (Rate): undetermined

City: Barcelona

Country: Spain

Working Arrangements: hybrid

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Ref: #70688

IT Security Analyst – Governance, Risk & Compliance (GRC)

Location: Barcelona (Hybrid) – Open to remote across Spain or Portugal
Contract: 1-Year Contract with option for permanent conversion


Overview

We’re looking for an IT Security Analyst (GRC) to join a global technology and engineering group, supporting its European cybersecurity operations.
You’ll play a key role in improving security governance, risk management, and compliance across multiple entities — ensuring alignment with international standards and helping shape a strong security culture.


Key Responsibilities

  • Strengthen and maintain the Information Security Management System (ISMS) aligned to ISO 27001.

  • Oversee risk assessments, remediation, and monitoring across European subsidiaries.

  • Implement and track compliance controls and support internal/external audits.

  • Respond to security and compliance requests from business and project teams.

  • Deliver security awareness initiatives and support international security projects.


What We’re Looking For

  • 5+ years’ experience in security governance or compliance.

  • Strong knowledge of ISO 27001, ENS, TISAX, or NIST frameworks.

  • Background in risk management and control implementation.

  • Excellent English communication skills; French or Spanish is a plus.

  • Certifications such as CISM, CISSP, or ISO 27001 Lead Implementer are desirable.


Why Apply?

  • Work with a global organisation driving secure digital transformation.

  • Be part of an international cybersecurity community.

  • Hybrid flexibility – based in Barcelona or remote from Spain/Portugal.

  • Opportunity for long-term career growth and permanent conversion.

Interested in applying? Reach out to Luke Finn on +44 203 053 3723 / luke@next-ventures.com
