🚀 At Hays, we are collaborating with an international business group and a global leader in claims & repair management The group stands out for its strong focus on automation, AI, computer vision, large language models, and highly digitalized processes. It is composed of three companies operating under a unified strategic vision, located across different European countries. They are executing a multi‑year strategic program to strengthen its capabilities across IT Governance, Information Risk Management, and Compliance.
🔍 We are currently looking for an IS Operations Consultant, who focuses on supporting the creation and strengthening of the centralized Information Security Operations capability. It is an operational and coordination‑focused position that works closely with the CISO and with teams across Infrastructure, Cloud, IT Operations, Workplace, and Applications.
🎯 What are the requirements?
* 5+ years of experience in Information Security operations.
* Strong practical knowledge of security technologies such as SIEM, EDR/XDR, and vulnerability scanning tools.
* Experience in enterprise or multi‑entity environments, with familiarity in cloud security concepts (AWS, Azure, IAM, logging, encryption).
* Working understanding of regulatory frameworks (ISO 27001, DORA, NIS2) and experience supporting external security vendors or MSSPs.
* Excellent communication skills and ability to work across distributed teams.
* Fluency in English.
📊 What will your responsibilities be?
Security Operations Support
* Operational oversight of the MSSP responsible for 24/7 monitoring and incident response.
* Participation in incident coordination and post‑incident reviews.
* Support for vulnerability management processes (validation, prioritization, and remediation follow‑up).
* Coordination of penetration testing activities and tracking of remediation.
* Execution and monitoring of cybersecurity awareness campaigns.
Governance & Compliance
* Contribute to alignment with regulatory frameworks such as ISO 27001, NIST, DORA, and NIS2.
* Preparation of audit evidence and documentation.
* Reporting of KPIs on vulnerabilities, risks, and remediation status.
* Maintenance of the consolidated security risk register.
Internal & Vendor Coordination
* Serve as the operational point of contact between the central security function and local IT teams.
* Oversight of security providers (MSSP, pentest vendors, tooling suppliers).
* Tracking of SLAs and support in operational service reviews.
* Collaboration with Infrastructure and Cloud teams to ensure secure configurations and remediation follow‑up.
💼 What do we offer?
* Freelance contract with Hays
* Remote work model for this project
* Offices in Spain: Madrid, Barcelona, Andalucía.
* International project until the end of the year.
* Competitive salary depending on experience
We are looking for professionals like you, passionate about technology, and eager to take on a new challenge. If this aligns with you, apply for the position so we can share more details with you!