CrawlJobs Logo

Cyber Security Governance Specialist

Spain, Madrid · Job Posted January 25, 2026
Apply Position
Job Link Share

Job Description

Are you looking for a new challenge? Fancy helping us shape the future of motor insurance? Prima could be the place for you. Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain. To help fuel that growth, we need a Cyber Security Governance Specialist to join our Security Team. The Engineering Department is the beating heart of Prima. You’ll be joining over 300 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.

Job Responsibility

  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics

Requirements

  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams

Nice to have

  • Certifications such as CISSP, CISM, CRISC, ISO/IEC-27001 Lead Implementer/Lead Auditor, ISO 22301
  • Exposure to Business Continuity Management and recovery planning
  • Experience supporting regulatory compliance for new digital operational resilience standards (e.g., DORA)

What we offer

  • Work from home, the office or a mix of both
  • work from anywhere for up to 30 days a year
  • access to learning resources, mentorship and a growth plan tailored to you
  • private healthcare, gym discounts, wellbeing programs and mental health support

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cyber Security Governance Specialist

8 matching positions

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location
Location
Italy , Milan
Salary
Salary:
Not provided
prima.it Logo
Prima
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility
Job Responsibility
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer
What we offer
  • Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both
  • Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you
  • Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime
Read More
Arrow Right

Cyber Security Specialist

The Cyber Security Specialist will work as part of a team to deliver high qualit...
Location
Location
United Kingdom , Portsmouth
Salary
Salary:
33980.34 - 36035.26 GBP / Year
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Excellent experience of working in a support environment and understanding customer needs
  • Qualification or Industry experience of working within Cyber Security
  • Good level of understanding of Hardware, Virtualisation, Active Directory and Software
  • Good level of understanding of Microsoft Active Directory including Azure AD
  • Strong interpersonal skills, maintaining an approachable demeanour to aid a positive first impression and rapport building
  • Proficiency with a range of IT systems and software, including knowledge of operating systems, network fundamentals and common office applications.
Job Responsibility
Job Responsibility
  • Deliver high quality customer support in the troubleshooting and resolution of technical support issues
  • Providing expertise to support the Planning and development of IT
  • Supporting 1st line teams
  • Update the ticketing system, ensuring the call has been logged and all notes, progress and required actions have been input promptly and accurately
  • Escalating and managing issues with 3rd line and 3rd parties
  • Assisting in projects as required
  • Resolving and assisting with general IT Support tickets
  • Provide: Desktop Support, Hardware Repairs, Software Installation as required
  • Support hardware refreshes
  • Where required, represent the college and or IT Team in meetings / presentations / Conferences
What we offer
What we offer
  • Annual Leave: 25 days total and closure for winter shutdown period in line with Hampshire County Council school holidays & statutory bank holidays
  • Pension: Generous Local Government pension
  • Learning & Development: Programmes by The Community Adult Education Department
  • Staff Development: Access to the College staff development programmes and CPD
  • Onsite Discounts: City of Portsmouth College Hair Salon & 50% off at the City of Portsmouth College Sports Centre
  • Online Discounts: Unidays, Student Beans, and Totum with a City of Portsmouth College email address
  • Parking: Free car parking across all campus sites (apart from Arundel)
  • Blue Light Card: providing several discounts for clothing, electrical goods, food and days out, even concert tickets!
  • Fulltime
Read More
Arrow Right

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location
Location
Portugal , Lisboa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Read More
Arrow Right
New

Cyber Security Support Specialist

Amentum is seeking a Cyber Security Support Specialist for a position on Kauai, ...
Location
Location
United States , Waimea
Salary
Salary:
35.26 USD / Hour
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge of basic computer skills including Microsoft applications
  • Information Technology experience
  • Ability to learn technical procedures and concepts
  • Ability to maintain confidentiality of sensitive information
  • Ability to work independently and as part of a team
  • High School or equivalent
  • Completion of high school courses in computer science, information technology, or cybersecurity
  • DoD 8570/8140: IAM I
  • Must be able to obtain and maintain a Secret US Government Clearance
  • US Citizenship is required to obtain and maintain a Secret Clearance
Job Responsibility
Job Responsibility
  • Assist in all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction
  • Supports all ISSO duties and responsibilities in DODI 8500.01, DODI 8510.01, and U.S. Navy Policy
  • Supports all activities related to NIST RMF Assessment & Authorization (A&A) process and other policies for the administration and safeguarding of US and foreign Government classified and unclassified information as it pertains to networks, standalone computer systems, and data encryption
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Parttime
Read More
Arrow Right

Cyber Security Compliance Specialist

We are seeking a Cyber Security Compliance Specialist to drive and sustain compl...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced in Information Security Governance, Risk, and Compliance within a large or multi-market environment
  • Knowledgeable in security governance frameworks and compliance lifecycle management
  • Skilled in supporting audits, assurance reviews, and regulatory compliance activities
  • Comfortable coordinating with diverse stakeholders across Technology, Architecture, and Operations
  • Familiar with IT service management concepts and frameworks such as ITIL
  • Possess working knowledge of infrastructure, operating systems (Windows, Unix/Linux), middleware, and cloud environments from a governance perspective
  • Able to translate high-level security requirements into practical compliance actions
  • Highly organised with strong attention to detail and the ability to manage multiple priorities
  • Confident communicator with strong written and verbal English skills
  • Professionally qualified with certifications such as CISM or equivalent, ISO27001 training, and proficiency in Microsoft Office (including advanced Excel) and Microsoft Power Platform tools
Job Responsibility
Job Responsibility
  • Ensure adherence to Vodafone’s Cyber Security Baseline requirements and CHARM control framework
  • Drive lifecycle compliance for security controls such as hardening, patching, and vulnerability management across IT, cloud, and network domains
  • Perform and support periodic control assessments, operational effectiveness reviews, and evidence validation activities
  • Contribute to internal and external audits (e.g. Internal Audit, Group Cyber Assurance), including evidence preparation and remediation tracking
  • Provide governance oversight and security input for systems under development or undergoing significant change
  • Maintain, analyse, and present compliance dashboards, metrics, and trends to enable risk-based decisions
  • Participate in cyber risk assessments, including identification, analysis, and mitigation tracking
  • Collaborate with stakeholders including Technology, Architecture, Service Owners, and Local Markets to address control gaps and risks
  • Support continuous improvement of compliance processes, including standardisation and automation initiatives
What we offer
What we offer
  • Opportunity to work within a global cyber security and compliance ecosystem
  • Exposure to large-scale, multi-market technology environments
  • Involvement in high-impact audit and assurance programmes
  • Collaborative working environment with cross-functional stakeholders
  • Continuous learning and professional development in cyber security governance and compliance practices
  • Fulltime
Read More
Arrow Right

Cyber Security Assurance Specialist

We are seeking a Cyber Security Assurance Specialist to lead control testing and...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 3+ years of technical experience in cyber assurance or control testing within complex IT or telecommunications environments
  • Strong understanding of security risks, processes, and technologies, including telecom-specific risks
  • Skilled in technical control testing, assurance, and compliance
  • Excellent analytical, problem-solving, and stakeholder management skills
  • Familiarity with ISO27001 and NIST frameworks
  • Knowledge of technologies including web applications, infrastructure, operating systems, and cloud environments
  • Ability to work in a global environment and adapt communication style to diverse audiences
Job Responsibility
Job Responsibility
  • Maintain an up-to-date view of control effectiveness and compliance with security standards
  • Plan, organise, and execute deep-dive control tests across IT, Mobile, and Fixed Telecommunications environments
  • Document findings, recommend remediation actions, and prepare management reports
  • Track remediation progress and collaborate with stakeholders on overdue actions
  • Drive automated control testing and evolve assurance methodologies
  • Provide guidance on best practices for security assurance and control testing
  • Prepare metrics and KPIs on control effectiveness and report to governance bodies
What we offer
What we offer
  • Opportunity to work on global cyber security assurance programmes
  • Exposure to cutting-edge technologies and security frameworks
  • Collaborative work environment with diverse stakeholders
  • Career growth through continuous learning and development
Read More
Arrow Right

Cyber Security IAM & PKI Specialist

Manage full lifecycle of IAM security service and controls for whole Bombardier,...
Location
Location
Canada
Salary
Salary:
86200.00 - 135400.00 CAD / Year
bombardier.com Logo
Bombardier
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • You hold a bachelor's degree in cyber security, information security, computer science, or relevant field of study
  • You have over 6 years of experience with identity lifecycle management (Joiner/Mover/Leaver), access governance, and least-privilege access models
  • You have a strong knowledge of authentication and authorization protocols (SAML, OAuth 2.0, OpenID Connect, LDAP, Kerberos)
  • You have hands-on experience with enterprise IAM (Identity & Access Management) platforms (e.g., Azure Entra ID, SailPoint, Okta, CyberArk, MFA)
  • You have proven experience designing, operating, and evolving enterprise PKI (Public Key Infrastructure) environments (internal and public CAs)
  • You have a strong understanding of certificate lifecycle management, TLS/SSL, and cryptographic trust models
Job Responsibility
Job Responsibility
  • Manage full lifecycle of IAM security service and controls for whole Bombardier, including technical, commercial, licencing and process aspects
  • Manage service SLAs and KPIs, overall quality of IAM service deliverables and drive continuous improvement
  • Manage key stakeholders of IAM security services
  • Coordinate creation and maintenance of processes and designs for new or improved IAM security services with technical understanding of high level concepts
  • Verify that IAM security services are implementing business objectives
  • Creates and develops identity and access management policy, concepts and controls using Bombardier's existing IAM structure consisting of various technology solutions
  • Analyzes, identifies, and remediates privileged access risk throughout electronic systems
  • Harden and improve capabilities to better control access to Bombardier data, systems and infrastructure
  • Recommends and develops new, advanced technological solutions to increase efficiency of controls
  • Develops and maintains identify and access management processes which can be detailed into technical, operational and service procedures, as well as process workflows for operational/applications teams
What we offer
What we offer
  • Insurance plans (Dental, medical, life insurance, disability, and more)
  • Competitive base salary
  • Retirement savings plan
  • Employee Assistance Program
  • TeleHealth Program
  • Fulltime
Read More
Arrow Right

Cyber Security IAM & PKI Specialist

At Bombardier, we design, build and maintain the world’s peak-performing aircraf...
Location
Location
Canada
Salary
Salary:
Not provided
bombardier.com Logo
Bombardier
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • You hold a bachelor’s degree in cyber security, information security, computer science, or relevant field of study
  • You have over 6 years of experience with identity lifecycle management (Joiner/Mover/Leaver), access governance, and least‑privilege access models
  • You have a strong knowledge of authentication and authorization protocols (SAML, OAuth 2.0, OpenID Connect, LDAP, Kerberos)
  • You have hands‑on experience with enterprise IAM platforms (e.g., Azure Entra ID, SailPoint, Okta, CyberArk, MFA)
  • You have proven experience designing, operating, and evolving enterprise PKI environments (internal and public CAs)
  • You have a strong understanding of certificate lifecycle management, TLS/SSL, and cryptographic trust models
  • You have experience securing non‑human identities such as applications, services, workloads, and APIs
  • You have experience with human identities in medium to high trust environments such as formal digital signature of documents and software
  • You are familiar with key management practices, HSMs, and cloud‑native key services
  • You have experience integrating IAM and PKI signals into SIEM/XDR platforms
Job Responsibility
Job Responsibility
  • Identity Architect - Act as the SME (Subject Matter Expert) for the identity technology stack, plan and prioritize the technology roadmap, track deployments
  • PKI (Public Key Infrastructure) Specialist - Own, develop and drive the current state and future state plan for PKI
  • Identity Threat Engineer/Specialist - Collaborate with the SOC (Security Operations Centre) to mature and enhance telemetry, processes and response to cyber threats
What we offer
What we offer
  • Insurance plans (Dental, medical, life insurance, disability, and more)
  • Competitive base salary
  • Retirement savings plan
  • Employee Assistance Program
  • Tele Health Program
  • Fulltime
Read More
Arrow Right