Information Security Coordinator GRC | Up to 60k | Hybrid in Málaga or Remote in Spain

We are looking for an Information Security Coordinator – GRC to join our client’s team. A leading European consulting, planning, and project management company with a global footprint, delivering sustainable, innovative, and economical solutions across real estate, industry, energy, and infrastructure.

Creating a future worth living for future generations drives everything we do. Through interdisciplinary teams, visionary thinking, and cutting-edge technologies, we ensure our clients achieve regulatory compliance, secure operations, and resilient business continuity.

Now, we are looking for a GRC expert to strengthen the organization’s cybersecurity posture, support compliance programs, and embed governance and risk management frameworks across the enterprise.

If you thrive on ensuring security maturity, driving audit readiness, and implementing best-in-class cybersecurity controls, this role is for you.

• Develop, maintain, and advise on cybersecurity governance, risk, and compliance frameworks (ISO / IEC 27001, 27701, 22301, TISAX, NIS2).
• Support cross-functional teams in embedding security controls into business processes.

• Conduct internal security assessments and prepare documentation for external audits.
• Track non-conformities and ensure corrective actions are implemented.

• Draft, maintain, and enforce security policies and procedures across business units.
• Execute risk assessments, evaluate controls, and support continuous improvement of mitigation plans.

• Support the development, implementation, and maintenance of Business Continuity Management frameworks.
• Conduct Business Impact Analyses (BIA) and align continuity plans with risk management strategies.

• Ensure adherence to data protection regulations (e.g., GDPR) and internal security standards.
• Contribute to certification programs and regulatory initiatives.

• Maintain high-quality compliance documentation.
• Support reporting to the cybersecurity steering committee and other stakeholders.

• Bachelor’s / Master’s degree in Cybersecurity, Information Systems, or related field (or equivalent experience).
• 3–5 years of experience in Governance, Risk, and Compliance, audit support, or security program implementation.

• Deep understanding of ISO / IEC 27001, 27701, 22301, NIST, GDPR frameworks.
• Experience with risk assessments, compliance programs, and audit readiness.
• Knowledge of operational security in IT and industrial environments.
• Strong documentation and reporting capabilities.

• Analytical mindset with attention to detail.
• Ability to communicate technical findings to both IT and business stakeholders.
• Proactive, self-driven, and continuous learner.

• ISO 27001 / 27701 / 22301 Implementer or Auditor
• ITIL Certified
• IPMO – International Project Management Officer

• Dynamic, collaborative environment where cybersecurity is a strategic priority
• Hybrid work setup with flexibility for remote work
• Salary up to 50-60k depending on experience
• Continuous professional development via internal Academy & external certifications
• Health & wellness benefits (private health insurance, sports bonus)