Information Security Consultant – Security Transformation Programme
Location: Spain (Remote)
Contract Length: Initial 6-Month Contract
Start Date: ASAP
Day Rate: Competitive / DOE
Overview
We are seeking an experienced Information Security Consultant to support a major security transformation programme for a global organisation. This is a fully remote contract role; however, candidates must be based in Spain and eligible to work there.
The successful consultant will play a key role in helping mature security capabilities, improve governance and risk management practices, and support the delivery of strategic cybersecurity initiatives across the business.
Key Responsibilities
* Support the delivery of a large-scale security transformation programme across multiple workstreams
* Assess current security controls, processes, and operating models, identifying gaps and improvement opportunities
* Provide expertise across information security governance, risk, compliance, and security architecture
* Work closely with technical and business stakeholders to define and implement security best practices
* Assist with the development and enhancement of security policies, standards, and procedures
* Support security tooling, control optimisation, and remediation activities
* Contribute to risk assessments, control reviews, and audit readiness activities
* Provide guidance on regulatory and compliance requirements including ISO 27001, NIST, GDPR, and related frameworks
* Produce clear documentation, reporting, and stakeholder updates throughout the programme lifecycle
* Collaborate with internal teams and third-party vendors to ensure successful programme delivery
Required Skills & Experience
* Proven experience working as an Information Security Consultant or Security Transformation Consultant
* Strong background delivering security transformation or cybersecurity improvement programmes
* Experience across security governance, risk management, compliance, and control frameworks
* Good understanding of standards and frameworks such as ISO 27001, NIST CSF, CIS Controls, and GDPR
* Ability to engage with both technical and non-technical stakeholders
* Strong documentation, communication, and reporting skills
* Experience working within complex enterprise environments
* Self-starter with the ability to work independently in a remote environment
Desirable Experience
* Experience within regulated industries such as finance, healthcare, or telecommunications
* Security certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or similar
* Experience supporting cloud security initiatives (AWS, Azure, or GCP)
* Exposure to IAM, SOC, vulnerability management, or security operations transformation projects
Additional Information
* Fully remote position
* Candidates must be based in Spain
* Initial 6-month contract with potential extension
* International project environment
* English language skills required