📢From Hays, we're collaborating with a global leader in digital automation and AI‑powered operational transformation, operating across multiple countries and serving large enterprise customers. They specialise in end‑to‑end digital process optimization, including complex, technology‑driven environments in which information governance, compliance, and risk management are mission‑critical.
🔍We're looking for an IT Risk / IRM Analyst to help strengthen and operationalize the company’s Information Security Risk Management framework.
You will be part of a growing governance team responsible for ensuring security controls, risk mitigation activities, ISO 27001 compliance, and audit readiness across several business units, acting as a bridge between high‑level governance requirements and practical implementation across IT functions.
🎓 Required Skills & Experience
* 3–5 years of experience in Information Security, IT Audit, or IT Risk Management.
* Strong practical knowledge of ISO 27001 (implementation, management, or auditing).
* Familiarity with ISO 31000 / ISO 27005 risk methodologies.
* Experience with GRC tools (Archer or similar).
* Advanced level of English (fluency).
* Experience engaging with senior IT stakeholders and cross‑functional teams.
* Strong analytical mindset, autonomy, and clear communication skills.
* ISO 27001 Lead Implementer/Auditor certification is highly valued.
📌 Key Responsibilities
* Conduct systematic IT Risk Assessments in complex, multi‑entity environments.
* Align all risk management activities with the organisation’s IRM framework.
* Support and monitor the implementation and effectiveness of ISO 27001:2022 Annex A controls.
* Develop and follow up on risk treatment plans with IT and Security teams.
* Ensure accurate scoping and classification of IT assets following CIA principles.
* Act as a key contact for internal and external audits, ensuring evidence collection and compliance reporting.
* Collaborate with application owners, governance teams, architecture, and security stakeholders.
🌟 What we offer
* Full-time opportunity with Perm/Freelancer contract.
* Flexibility to work 100% remotely or hybrid in one of the offices in Madrid, Barcelona, Córdoba or Coruña.
* Chance to work in a high‑impact global technology environment, driving governance and security maturity.
* Exposure to advanced automation, AI‑driven processes, and highly scalable digital platforms.
📩If you are interested and want to contribute to a modern, innovation‑driven global organisation, please apply to this offer with your CV, so we can contact you for more information.