GRC Analyst (Cyber) (100% remote Spain)
Role details
Job location
Tech stack
Job description
- Analyze and understand cybersecurity controls defined in the maturity model, as well as in the Group's policies and standards.
- Assess, together with technical teams, the actual implementation of controls, verifying their alignment with established requirements.
- Document existing controls following the defined format (objective, frequency, RACI, operation, monitoring, evidence…).
- Identify gaps and propose improvements to strengthen the effectiveness and maturity of the controls.
- Monitor compliance indicators (Qualys) in the different technologies: LS, BD, network, security, etc.
- Coordinate and manage remediation processes with technical teams.
- Evaluate and manage requests for exceptions.
- Participate in the final approval of exceptions together with Regulatory Framework & Compliance.
- Ensure that internal Compliance scanning infrastructure (scanners, agents, all components necessary for scanning and communication) are deployed having a proper visibility of the network (hosts and services) to ensure proper delivery of the service.
- Cybersecurity Risk Governance management (Holistic, cyber metrics, golden source HERACLES, etc), achieving an alignment in the company strategy and metrics.
- Follow and control management of cyber-audits and cyber recommendations.
- Maintain open communication with the Local focal point of other regions and Cybersecurity Global.
Requirements
- Minimum 2 years of experience in relevant fields
- Education: Computer Engineering / Computer Science or similar
- Basic understanding of security frameworks and compliance regulations
- Technical knowledge in basic systems and networks, Knowledge in tools of Compliance or Vulnerability Management (Qualys, nessus or similar). Knowledge in office suite (excel, word,…), Basic knowledge of reporting tools such as PBI.
- Other tools positively assessed: CyberArk
- Good english level (B2-C1) you will be working with international teams.
Benefits & conditions
100% remote within Spain.
Work schedule
Business Hours.
? What can we offer?
️ 23 days of Annual Leave plus the 24th and 31st of December as discretionary days!
️ Numerous benefits (Health Care Plan, teleworking compensation, Life and Accident Insurances).
? `Retribución Flexible´ Program: (Meals, Kinder Garden, Transport, online English lessons, Health Care Plan…)
? Free access to several training platforms
? Professional stability and career plans
? UST also, compensates referrals from which you could benefit when you refer professionals.
? The option to pick between 12 or 14 payments along the year.
? Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime…)
? UST Club Platform discounts and gym Access discounts
