Head of Cyber Security Governance, Risk and Compliance

You will need to login before you can apply for a job.

Employer: Tunstall Spain
Location: Madrid, Spain
Salary: USD 90,000.00 per year
Closing date: 6 May 2025

Sector: Engineering, IT, Security
Job Role: Cyber Security Consultant
Job Type: Permanent

We are currently recruiting for a Head of Cyber Security Governance, Risk and Compliance, reporting to the Global Chief Information Security Officer (CISO), to lead our Governance, Risk and Compliance teams, ensure Tunstall is protected from cyber threats and support our business to innovate, grow, and flourish under secure conditions.

This is an incredibly exciting time to join Tunstall as we embark on an exciting period of transformation. You will be joining a recently created and growing global Information Security team within Tunstall and play a key part in the success of this transformation.

This role would be based at our Madrid office working on a hybrid basis. We are flexible on number of days in the office, and on location and would consider applications from people who can work at one of our other European offices (Malmo, Sweden or Manchester or Yorkshire in the UK).

Please can you ensure your CV is uploaded in English so the team can review.

As our Head of Governance, Risk and Compliance (GRC), you will build a highly engaged and trained team with the required capabilities and competencies to ensure proper governance of our security functions globally, that cyber risks are properly addressed, and Tunstall meets all required regulatory and compliance requirements for the business to operate.

Leading the development and implementation of comprehensive corporate cybersecurity policies, standards, and procedures, ensuring they are current, relevant, and communicated effectively across the organisation is key to the success of this role.

Whilst this is a senior position, it will require hands-on work as well, so you must be happy to work at the strategic, tactical, and operational level as required.

To be successful in this role you will have substantial experience in cybersecurity, with proven experience as a leader in governance, risk and compliance within complex, multinational organisations. You will have a deep understanding of the cybersecurity market, trends, risk frameworks, and security standards and regulations.

With a naturally collaborative style, excellent written and verbal communication skills, and an analytical mindset, you will be able to engage and influence senior stakeholders globally. You will be an effective people manager, able to coach and motivate a team, driving high performance. The ability to navigate within varying operational levels from the functional to the strategic is vital to the success of this role.

In addition, you will be proactive, with a high attention to detail, taking ownership of tasks, able to solve problems effectively, and be tenacious in your approach to ensure completion of tasks and projects to time and of required quality.

• Hybrid Working
• Competitive salary + potential bonus
• Boost your learning and growth through access to a Talent Library with over 800 courses, and access to Udemy or O'Reilly learning platforms
• A warm and welcoming team environment and a chance to build a rewarding career

• Build a highly engaged and trained team with the required capabilities and competencies to achieve the stated mission
• Coordinate, drive direction and oversee the team to ensure that the outcome and achievements of the team are aligned with the overall information security strategy and the business objectives
• Lead the development and implementation of comprehensive corporate cybersecurity policies, standards, and procedures, ensuring they are current, relevant, and communicated effectively across the organisation
• Oversee the application of the global risk management framework in all countries and businesses
• Align and influence the business and technology areas in the countries and at Group level to adopt and follow the global framework
• Own the key performance indicators (KPIs) and metrics that help InfoSec to measure and communicate our risk posture consistently in operational and high-level forums, including to the Board
• Ensure security compliance and audit requirements are planned and met in all regions
• Oversee the security culture, training and awareness programmes and support the Lead in building partnerships and influencing business and technology areas
• Support the Global CISO in managing the overall InfoSec budget and strategic plans and initiatives, and oversee operational activities of the GRC team, aligning those with the Global InfoSec and Tunstall Technology Group budget and plans
• Report in senior-level forums about the performance and key activities conducted by the GRC function
• Provide guidance to senior stakeholders on emerging security and privacy regulatory requirements
• Influence stakeholders in technology areas and the business to transform current ways of working and priorities towards becoming a secure organisation
• Partner with technology and business leaders to integrate GRC initiatives with broader business objectives
• Keep a constant innovative, challenging and constructive attitude towards continuous improvement

• Substantial experience in cybersecurity roles, with proven experience as a leader in governance, risk and compliance
• Previous experience in senior management positions in complex, multinational organisations
• Deep understanding of the cybersecurity market, trends, risk frameworks and security standards and regulations
• Excellent written and verbal communication skills
• Strong background in governance, risk management or compliance areas, and ability to work at high level whilst paying attention to the details
• Ability to manage complexity and make decisions with limited information or under uncertainty
• Bachelor's degree in a technical or non-technical discipline, or equivalent experience
• You must be able to communicate effectively in English (ie CEFR C1)

• Spanish or Swedish language skills

If you are not sure if you have the relevant skills or experience, then please apply (only takes a few minutes) and let our team review and come back to you.

Tunstall is a market-leading health and care technology provider.

We're passionate about ensuring our team reflects the brilliant and unique qualities of the people and communities we support. Our incredible team of more than 3,000 colleagues provides life-saving and life-changing technology and services to millions of people in 18 different countries.

At Tunstall you'll find a place where you're valued and celebrated for being yourself. We empower our people to deliver the very best teamwork, innovation and thought leadership by creating an environment where we champion diversity and inclusion. We demonstrate our commitment to diversity and inclusion at each step. From our open, fair, and transparent recruitment processes, through to the many development and career growth opportunities we provide.

Each Tunstall colleague has a superpower... they're unique. No one else is them, and we think that's special. Come and join our mission and be part of our team, our One Tunstall team.

Departamento: Group Information Security
Puesto: Head of Governance, Risk and Compliance
Ubicaciones: Madrid
Estado remoto: Híbrido
Salario anual: 90.000 €
Tipo de empleo: Tiempo completo

Create a job alert and receive personalised job recommendations straight to your inbox.