Security Governance Specialist

Summary

Join Docplanner as a Security Governance Specialist and play a vital role in maintaining the company's information security framework. You will develop and maintain security policies, procedures, and standards, ensuring alignment with business objectives and regulatory compliance. Responsibilities include monitoring the security governance framework, managing compliance, contributing to security awareness programs, and preparing compliance reports. The ideal candidate possesses experience in information security governance, risk management, and relevant security standards. Docplanner offers a competitive salary, flexible work arrangements, comprehensive benefits, and opportunities for professional development.

Requirements

• Experience taking part in internal and or external audits
• 1-3 years of experience in information security governance
• Significant risk management experience
• Knowledge of relevant security standards and frameworks (e.g., ISO 27001, SOC 2)
• Experience of Security Governance tooling
• Understanding of regulatory requirements, such as GDPR
• Excellent communication and collaboration skills, with the ability to work across various departments
• Strong analytical and problem-solving skills
• Detail-oriented with a commitment to maintaining accuracy in documentation
• Ability to adapt to a dynamic and fast-paced environment
• Self-starter and free thinker

Responsibilities

• Develop and maintain information security policies, procedures, and standards in alignment with industry best practices, regulatory requirements, and organisational goals
• Assess the policy framework in support of continuous improvement and suggest positive changes where appropriate
• Monitor the performance of the security governance framework
• Define and report on suitable and meaningful metrics
• Assist in identifying and understanding regulatory requirements and standards relevant to the organisation
• Liaise with local entities and subject matter experts to assist with compliance requirements from customers, investors or legislators
• Assist in the planning and execution of internal and external audits
• Contribute to the development of security awareness programs and training materials
• Collaborate with the Security Awareness and Training Specialist to educate employees about security policies and best practices
• Maintain the repository of security policies, procedures, and standards
• Prepare and distribute reports on compliance status, governance efforts, and security metrics to management
• Assist in the identification, assessment and reporting of risks across the organisation
• Monitor the compliance of risk management activities
• Liaise with the Head of Risk and Compliance and other key stakeholders
• Stay informed about emerging security threats, regulations, and best practices
• Propose and implement improvements to the security governance framework based on industry trends and organisational needs

Preferred Qualifications

ISO 27001 Lead Auditor or Implementor certification

Benefits

• A salary adequate to your experience and skills between 53,000 and 70,000 euros
• Flexible remuneration and benefits system via Flexoh , which includes: restaurant card, transportation card, kindergarten, and training tax savings
• Share options plan after 6 months of working with us
• Remote or hybrid work model with our hub in Barcelona
• Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly)
• Summer intensive schedule during July and August (work 7 hours, finish earlier)
• 23 paid holidays, with exchangeable local bank holidays
• Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
• Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental)
• Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Andjoy
• Access to iFeel , a technological platform for mental wellness offering online psychological support and counseling
• 20% time rule: spend 20% of your working hours on personal development related to your role and collaboration with other teams
• Free English and Spanish classes