GRC Senior Consultant (Cybersecurity) (100% remote Spain)

UST is looking for the very Top Talent…and we would be delighted if you were to join our family!

More in details, UST is a multinational company based in North America, certified as a Top Employer and Great Place to Work company with over 35.000 employees all over the world and presence in more than 35 countries. We are leaders on digital technology services, and we provide large-scale technologic solutions to big companies.

What are we looking for?

Senior Consultant, with experience in cibersecurity projects, working close to several clients. This role requires a professional capable of working independently, managing end-to-end engagements, conducting audits, and providing expert advisory across multiple security domains.

Main tasks and accountabilities will be:

• Lead consulting engagements across cybersecurity, risk management, and compliance domains.
• Advise clients on best practices, improvement strategies, and implementation approaches aligned with recognized standards.
• Translate regulatory and technical requirements into clear, actionable recommendations.

Independently conduct internal audits and GAP analyses aligned with: ISO 27001, ISO 22301, ISO 27701, NIST CSF 2.0, DORA, NIS2, ENS, and other frameworks.

• Identify non-conformities and provide structured remediation plans.
• Prepare client-ready audit reports, risk registers, and compliance roadmaps.
• Facilitate and execute risk assessments (AARR, BIAs) across business processes and information systems.
• Apply methodologies such as ISO 31000, Magerit v3, and COSO to evaluate and treat risks.
• Support clients in adopting formal risk management practices.

• Review technical assessments to identify vulnerabilities and recommend mitigation strategies.
• Support cybersecurity initiatives including control implementation, incident response planning, and awareness programs.
• Validate security controls and document evidence of compliance.

• Serve as a primary point of contact for clients throughout engagements.
• Communicate technical requirements, project progress, findings, and recommendations clearly and effectively.
• Deliver presentations, training sessions, and executive briefings tailored to diverse audiences.

• Develop and maintain client documentation including policies, procedures, standards, and process guides.
• Ensure high-quality, audit-ready documentation for all consulting deliverables.
• Coordinate evidence collection efforts across client teams during audit and compliance activities.
• Collaborate with the rest of the team to improve the existing templates of documents or create new ones.

• 4+ years of experience in cybersecurity consulting, audits, compliance, or risk management.
• Expertise and / or certification in ISO 27001 and ENS (mandatory).
• Working knowledge of international standards such as: ISO 22301, ISO 27701, ISO 27005, ISO 42001, NIST CSF 2.0, SOC 2, GDPR, DORA, NIS2, CMMC 2.0.
• Strong proficiency in risk assessment methodologies (ISO 31000, Magerit v3, COSO).
• Experience in business and service continuity management.
• Excellent verbal and written communication skills in English.
• Bachelor's degree in Computer Engineering, Telecommunications, or a related field; Master’s in Cybersecurity preferred.
• Good english level (C1) you will be working with international teams.

• CISM
• CISSP
• CISA

100% remote within Spain. Occasionally, it will be necessary to go to an office in Madrid or Barcelona. Business Hours.

• 23 days of Annual Leave plus the 24th and 31st of December as discretionary days!
• Numerous benefits (Health Care Plan, teleworking compensation, Life and Accident Insurances).
• Free access to several training platforms

UST also, compensates referrals from which you could benefit when you refer professionals.

The option to pick between 12 or 14 payments along the year.

Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime…)

If you would like to know more, do not hesitate to apply and we’ll get in touch to fill you in details. We are waiting for you!

In UST we are committed to equal opportunities in our selection processes and do not discriminate based on race, gender, disability, age, religion, sexual orientation or nationality. We have a special commitment to Disability & Inclusion, so we are interested in hiring people with disability certificate.

Cybersecurity Consultant • Madrid, Spain