Information Security Coordinator for Governance, Risk and Compliance

Drees & Sommer SE -
Málaga, Málaga provincia

Solicitar ahora

Detalles del empleo

Jornada completa

Cualificaciones

ITIL Foundation
Disaster Recovery
Inglés

Descripción completa del empleo

Experience Level

Experienced professional

Area

Location

Calle Trinidad Grund, 29001 Málaga

Employment Type

Full-time

Company

Drees & Sommer Digital Services

Start Date

By arrangement

The Information Security Coordinator for GRC is a seasoned professional with extensive expertise in Governance, Risk, and Compliance (GRC), bringing a deep understanding of global cybersecurity frameworks, regulations and best practices. With a strong track record in executing certification programs and embedding cybersecurity controls within large-scale and multinational environments, this expert role supports Drees & Sommer’s mission to ensure regulatory compliance, business continuity, and long-term information security maturity. Support yearly internal and external audit programme in alignment with the head of the department. Support the development, implementation and maintenance of the company’s BCM framework.

YOUR TASKS

Core Responsibilities

GRC Execution & Advisory: Support the development and maintenance of cybersecurity governance, risk, and compliance frameworks in alignment with ISO/IEC 27001, 27701, 22301, TISAX, NIS2 and other relevant standards.
Audit Preparation & Support: Conduct and drive internal security assessments and support external audits by preparing documentation, identifying non-conformities, and ensuring implementation of corrective actions.
Policy Implementation: Draft, maintain, and ensure the correct application of cybersecurity policies and procedures based on industry standards across business units.
Risk & Control Assessment: Execute technical risk assessments and control effectiveness evaluations; support continuous improvement of risk treatment plans.
BCM Program Coordination: Support the development, implementation, and maintenance of the company’s BCM framework.
Business Impact Analysis (BIA): Assist in conducting and updating BIAs to assess the impact of potential disruptions.
Continuity Planning: Help develop and maintain business continuity and disaster recovery plans. Ensure alignment of continuity plans with information security and risk management strategies.
Compliance Monitoring: Ensure adherence to data protection regulations (e.g., GDPR), IT security laws, and internal security guidelines.
Project Involvement: Act as a cybersecurity expert in cross-functional projects, ensuring that new initiatives are aligned with cybersecurity requirements.
Documentation & Reporting: Maintain high-quality documentation for compliance purposes; support reporting to the cybersecurity steering committee or auditors.
Security Tools & Processes: Support the use of GRC tools, risk dashboards, and internal control platforms.

YOUR PROFILE

Deep knowledge of international cybersecurity standards and frameworks (ISO/IEC 27001, 27017, 27701, 22301, NIST, GDPR)
Expertise in compliance program execution and audit readiness
Practical experience with risk assessments and mitigation planning
Proficiency in policy and process implementation
Strong technical writing and documentation skills
Awareness of operational security practices in IT and industrial environments
Strong analytical thinking and attention to detail
Fluent in English is a must (equivalent to C1)

Certifications & Qualifications

Certified in ISO 27001/27701/22301 Implementer or Auditor
ITIL Certified
IPMO – International Project Management Officer

YOUR ADVANTAGES

A dynamic and collaborative environment where cybersecurity is a strategic priority

A team that values creativity, initiative, and continuous improvement

To ensure your work-life balance, we offer the option of mobile working

We promote your professional and personal development through individual training and further education at the Drees & Sommer Academy

We support your health with a bonus for sports enthusiasts. We offer the possibility of subscribing to a private health insurance policy

Employees benefit from tax advantages related to their commuting expenses for the office

Solicitar ahora

Experience Level

Area

Location

Employment Type

Company

Start Date

YOUR TASKS

YOUR PROFILE

YOUR ADVANTAGES

Herramientas para candidatos

Herramientas para empresas

Buscar

Mantener la conexión