HQ - GRC Senior Analyst

Jobandtalent

Jobandtalent

IT

Madrid, Spain · Spain

Posted on May 20, 2026

We are looking for a GRC Senior Analyst to own and scale our Governance, Risk, and Compliance function within a fast-growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way.

You will act as the main driver of our compliance strategy, working cross-functionally with Engineering, Security, Legal, Finance, and Product teams.

What you will do

  • Own and lead the company’s GRC implementation across ISO 27001 and GDPR.
  • Build and manage the Information Security Management System (ISMS) aligned with ISO 27001.
  • Ensure GDPR compliance across all data processing activities, including data mapping, data leaks, and encryptions.
  • Act as the primary point of contact for auditors and prepare the company for ISO audits.
  • Identify compliance gaps and drive remediation plans with technical and non-technical teams.
  • Develop governance policies, procedures, and risk management frameworks.
  • Partner closely with Engineering and Security teams to embed controls into systems and SDLC processes.
  • Monitor regulatory and compliance changes and translate them into actionable requirements.

Mandatory Requirements

  • 8+ years of experience in GRC, Risk, Compliance, or IT Audit roles
  • 5+ years of strong hands-on experience with ISO 27001 and experience managing or supporting ISMS implementation.
  • 3+ years of practical experience with GDPR data mapping, reviewing systems from the tech side.
  • 5+ years of experience from a product tech company with global client reach in the US & EU (companies above 100 people).
  • Experience working with internal and external auditors
  • Very strong stakeholder management and communication skills across technical and non-technical teams.
  • Fluent English

Nice to have

  • Familiarity with cloud environments (AWS, GCP, Azure).
  • Security certifications (CISA, CISM, ISO 27001 Lead Implementer/Auditor).
  • Other security experience.
#LI-ML3
See more open positions at Jobandtalent