IT Risk Compliance Analyst

Job Description

We are looking for an IT Risk & Compliance Analyst to join our cybersecurity and governance team in Málaga.

In this role, you will be responsible for ensuring the security and compliance of applications and containerized environments, advising development teams on secure coding practices, and driving continuous improvement in risk management processes.

This position involves close collaboration with software engineers, architects, and security specialists across international teams.

• Govern and manage vulnerabilities across applications and containerized environments (Docker, Kubernetes).
• Conduct risk assessments for new applications from the design phase, including threat modeling.
• Advise and guide development teams in the adoption of secure software practices.
• Integrate and manage security tools such as SCA, SAST, DAST, CSPM, and Container Security solutions.
• Track, prioritize, and support the remediation of identified vulnerabilities, validating false positives where applicable.
• Participate in architecture reviews and define security requirements for new or evolving systems.
• Contribute to continuous improvement initiatives in the organization’s security posture and development lifecycle.

Experience :

• 1–3 years of professional experience in software development, IT security, or risk management.
• Hands‑on experience with Docker, Kubernetes, and container ecosystems.
• Experience with security analysis tools for code and container scanning.

Education :

Bachelor’s Degree in Computer Science, Engineering, or a related technical discipline.

Technical :

• Understanding of application security principles, secure coding, and vulnerability management.
• Familiarity with DevSecOps practices and CI / CD security integration.
• Knowledge of SDLC processes and risk assessment methodologies.
• Exposure to cloud environments (AWS, Azure, GCP) is highly desirable.

Soft Skills :

• Strong communication and teamwork abilities.
• Analytical mindset and attention to detail.
• Proactive approach to learning and adapting to emerging threats.

• Security certifications such as OSCP, CKA, CKS, CISSP, or equivalent.
• Previous experience in regulated sectors such as fintech or financial services.
• Technical curiosity, problem‑solving attitude, and a passion for cybersecurity.

• Full‑time, permanent position.
• Hybrid work model (Málaga‑based).
• Opportunity to grow in a multicultural, international environment.
• Smart Office Pack for flexible remote work.
• Continuous training and professional development.
• Comprehensive benefits including private medical and life insurance.
• Exposure to global cybersecurity and risk management projects.

If you have read this far and you are looking forward to joining this challenge, do not hesitate to apply... we would be delighted to meet you!