Senior GRC Analyst [MOG042]
Responder al anuncioWe are looking for an Information Security Specialist to join our Information Security team in Barcelona.
This is an amazing opportunity to become part of Clarivate’s Governance, Risk and Compliance (GRC) team, that is working cross company at all levels.
This position will be responsible for maintaining and reporting on compliance activities related to information security and privacy audit processes, key security initiatives and tests, and we would love to speak with you if you have the skills and experience below.
About You
Experience, education, skills, and accomplishments:
- BSc degree graduate in a relevant field or equivalent technical training.
- Security certifications CISO, CISSP and/or CISM preferred.
- 5+ years demonstrated experience in Information security at a global company.
- Experience with ISO 27001/2, PCI, SOC 2 Type 1/Type 2, FedRAMP, TxRAMP, TISAX.
- English at a high level - both written and spoken.
- Project management skills to drive projects and initiatives across multiple departments.
- Excellent oral and written communication skills.
- Willing to work in a global team with different time zones.
- Ability to multitask and be a team player.
It would be great if you also have:
- Additional languages, an advantage.
- Experience in creating and implementing processes.
- Knowledge of risk assessment and security baselines.
- Knowledge of ISO Certifications and NIST standards.
- Experience handling tasks in a matrixed organization.
About the Team
The Governance Risk and Compliance (GRC) team in Clarivate exists as part of the overall Information Security team headed up by our CISO within the Technology Group.
The GRC Compliance Team is a part of the GRC team and spearheads initiatives that further the organization’s compliance goals and is responsible for assessing and guiding the company’s compliance stance for Information Security in alignment with industry standards (ISO 27001, SOC 2, PCI-DSS, SOX, ISO 27017, ISO 27032, etc. ) along with contractual requirements agreed with the customers.
What will you be doing in this role?
- Implement the key initiatives/projects focused on the reduction of security risks, governance, and compliance.
- Leading security and privacy compliance assessments on new and existing systems, processes, and technologies.
- Support internal and external audit processes such as ISO 27001/ISO 27002, SSAE 18 (SOC 2 Type 1/Type 2), FedRAMP and leading standards for Information Security.
- Enhance operational effectiveness of audit activities to further align to company strategy and risk management.
- Assist with the education and awareness programs to promote security and privacy in the company.
- Inform the CISO regarding security concerns and recommend courses of action.
- Tactically maintain and operate the risk management systems.
- Responding & completing security questionnaires, contract reviews, RFPs, and tenders.
- Review proposed changes on an ongoing basis to determine the impact on security.
Hours of Work
This is a full-time permanent position, primarily working core business hours in your time zone, with flexibility to adjust to various global time zones as needed. Working on a hybrid model from our Barcelona Office.
What we can offer
- 30 working days of vacation.
- Volunteering community, with 40 paid hours of volunteering time.
- Private Health and Life & Disability insurances.
- Tax-free benefits (Ticket Restaurant scheme, kindergarten, and transport cards).
- On-site language classes (Catalan, Spanish, and English).
At Clarivate, we are committed to providing equal employment opportunities for all persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.
#J-18808-Ljbffr¡Sea el primero en responder a este anuncio de trabajo!
-
¿Por qué está buscando trabajo en Trabajas.es?
Crear alerta de empleo
Cada día nuevos anuncios de trabajo Puede elegir entre una amplia gama de trabajos: nuestro objetivo es ofrecer una selección lo más amplia posible Déjenos enviar nuevos anuncios por correo electrónico Sea el primero en responder a las nuevas ofertas de empleo Todos los anuncios de trabajos en un único lugar (de empleadores, agencias y otros portales) Todos los servicios para demandantes de empleo son gratuitos Le ayudaremos a encontrar un nuevo empleo