CrawlJobs Logo

Cyber Security Governance Specialist

prima.it Logo

Prima

Location Icon

Location:
Spain , Madrid

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Are you looking for a new challenge? Fancy helping us shape the future of motor insurance? Prima could be the place for you. Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain. To help fuel that growth, we need a Cyber Security Governance Specialist to join our Security Team. The Engineering Department is the beating heart of Prima. You’ll be joining over 300 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.

Job Responsibility:

  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics

Requirements:

  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams

Nice to have:

  • Certifications such as CISSP, CISM, CRISC, ISO/IEC-27001 Lead Implementer/Lead Auditor, ISO 22301
  • Exposure to Business Continuity Management and recovery planning
  • Experience supporting regulatory compliance for new digital operational resilience standards (e.g., DORA)
What we offer:
  • Work from home, the office or a mix of both
  • work from anywhere for up to 30 days a year
  • access to learning resources, mentorship and a growth plan tailored to you
  • private healthcare, gym discounts, wellbeing programs and mental health support

Additional Information:

Job Posted:
January 25, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Prima - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cyber Security Governance Specialist

Information Assurance Specialist

The Information Assurance/Security Engineer will provide security engineering an...
Location
Location
United States , Bethesda
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI Clearance with CI Polygraph
  • Bachelor’s degree in Network Engineering, Computer Science or related technical field plus 5-7 years of Cyber Security/Operations support
  • DoD 8140 IAT Level II Certification (CCNA-Security, CySA+, CND, Security+)
  • Documenting network schemas and cyber operation tool solutions
  • Knowledgeable regarding compliance with: ICD 503, FISMA, OMB, NIST, and DoD (8150.01 March 12, 2014) [Risk Management Framework and Cyber Network Defense…], and other mandated security regulations and standards
  • Knowledge and experience with managing and monitoring compliance with Privileged User Access (PUA), Data Transfer Access (DTA), and Removable Media Custodian (RMC) privileges, forms, and signatures
  • Support to vulnerability management, patching, information assurance and/or ATO process for Classified DoD or IC environments
  • Demonstrated documentation writing for security plans, tests, and reports
  • Must demonstrate strong teamwork, communication (both verbal and written), and presentation skills
  • Must demonstrate strong initiative to accept new technical challenges in complex security engineering assignments
Job Responsibility
Job Responsibility
  • Provide security engineering and information assurance support to the Government’s Assessment and Authorization (A&A) process to maintain Authority to Operate (ATO) and Authority to Connect (ATC) for mission applications and services
  • Designs, develops, monitors and documents security controls, security testing, security reporting, and plan of actions and milestones (POA&Ms) throughout systems and application lifecycles in support of mission systems
  • Provides security engineering design inputs, security design reviews, and security best practices as part of technical and change requests
  • Configures and validates secure systems, physical controls, and tests security products and systems to detect security weaknesses
  • Maintains XACTA security records for supported systems
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information Technology Specialist

Barbaricum is currently seeking a proficient Senior Information Technology Speci...
Location
Location
United States , Fort Belvoir
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor’s degree and 10 years of relevant experience
Job Responsibility
Job Responsibility
  • Support the resolution of IT and system problems, to recommend solutions to higher level IT specialists and management, and to meet assignments as estimated and scheduled
  • Provides technical advice to IT and other professionals and the client
  • Support backup and disaster recovery, cyber security, monitoring, auditing, and compliance, troubleshooting and resolving end user support issues, and delivery of technology solutions
  • Provide verification of operational status of government computer systems and related third party interfaces and comply with Federal regulations, policies, codes, and security and safety standards
  • Experience supporting and managing cloud instance by utilizing elastic cloud computing for resourcing needs
Read More
Arrow Right

Supplier Governance Manager

The role reports into the Senior Manager of Governance and Reporting in our Pers...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated experience in supplier / vendor management, procurement, or contract administration
  • Strong understanding of governance, risk, and compliance ideally within the financial services industry
  • Excellent verbal and written communication skills
  • Demonstrated understanding of cyber security standards, IT systems, and risk management practices
  • Experience working across Enterprise Risk, Operational Risk, Governance, Legal, Compliance, or Regulatory Assurance
  • High attention to detail with focus on compliance and regulatory requirements
  • Strong analytical and problem-solving skills
  • Experience in managing and fostering strong relationships with internal teams and supplier partners
  • Ability to plan and prioritise effectively, organise tasks and manage competing resources and demands
  • Tertiary qualifications in a relevant discipline
Job Responsibility
Job Responsibility
  • Oversee the onboarding, renewal, and governance of supplier contracts
  • Ensure compliance with procurement, cyber security, IT, as well as risk and regulatory standards
  • Work closely with internal teams to manage supplier supervision and monitoring programs
  • Assess suppliers required to be onboarded
  • Provide oversight over end-to-end supplier onboarding, contract renewals and variations, document execution, supplier governance, and offboarding
  • Oversee negotiations with suppliers
  • Work closely with the Cyber Governance team
  • Maintain accurate records of supplier agreements, risk assessments, compliance documentation, and supervision and monitoring routines
  • Facilitate supervision and monitoring routines
  • Assist with analysing the effectiveness of supplier partnerships
What we offer
What we offer
  • Inclusive Culture
  • Flexible Work-Life Balance
  • Career Development
  • Financial and Well-being Perks
  • Fulltime
Read More
Arrow Right

TPRM Specialist

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
levy-professionals.com Logo
Levy Professionals
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility
Job Responsibility
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur
Read More
Arrow Right

Vp, Information Security

About BlackRock: BlackRock’s purpose is to help more and more people experience ...
Location
Location
China , Shanghai
Salary
Salary:
Not provided
blackrock.com Logo
BlackRock Investments
Expiration Date
April 30, 2026
Flip Icon
Requirements
Requirements
  • At least 10 years of full-time work experience in information security management and/or related functions (Technology Risk Management, Technology Infrastructure Management) with information security management qualifications such as CISSP, SANs, CRISC, CISM etc.
  • Knowledge of enterprise technology platforms, from the desktop through to back end infrastructure would be considered an advantage
  • Exceptional interpersonal skills with ability to communicate with senior leaders and technology teams alike.
  • Ability to work independently and adapt to changing business priorities
  • Detail oriented individual, with a keen eye towards details
  • Experience and good knowledge of Identity Governance and Identity Lifecycle management
  • Proficiencies in one or more of the following technical IT security domains or equivalent: Network Security, Cloud Governance, Cyber Operations, Forensics, Access and Identity Management Governance etc.
  • Knowledge of domestic China cyber and technological regulations, or experience in dealing with regulators and clients in relation to cybersecurity focused topics during regulatory examinations or client due diligence sessions will be a plus
  • Strong proficiencies in both English and Mandarin (Verbal/Written)
  • Hands-on team leadership and management experience, ideally coupled with suitable management qualifications
Job Responsibility
Job Responsibility
  • Be responsible for providing information security leadership in the BEM, driving security activities and projects, as well as developing and optimizing the FMC’s capabilities across core disciplines of Information security
  • Information Security Governance and Reporting
  • Cyber Security Operations Management, in partnership with other BlackRock Entities in China
  • Security Risk Assessments and Vulnerability Management
  • Application Security
  • Maintain and evolve security policies and standards for the BlackRock China, in conjunction with evolving regulatory and operational security requirements
  • Provide security advisory to Business and IT partners in the development of security controls and solutions to manage cyber risks for the firm
  • Identity and Access Management, including privilege access management
  • Compliance to regulatory security requirements
  • Take on the pivotal role in overseeing and governing the AIM program spanning the realms of identity & access governance, entitlements recertification's and associated identity & access lifecycle management procedures. The individual will also be required to guide the AIM Program Lead and provide support in administering the access rights to China employees for required access to core systems where the need arises.
What we offer
What we offer
  • Strong retirement plan
  • Tuition reimbursement
  • Comprehensive healthcare
  • Support for working parents
  • Flexible Time Off (FTO)
  • Fulltime
Read More
Arrow Right

Security Assurance Program Manager

Microsoft's E+P (Edge & Platform) is looking for an exceptional business and tec...
Location
Location
United States , Reston
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 2+ years’ experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR equivalent experience
  • Or Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 1+ year(s) experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
Job Responsibility
Job Responsibility
  • Process Department of Defense (DOD) and Intelligence Community (IC) clearances for employees supporting the Air-gapped Cloud environments
  • Responsible for end-to-end personnel security processing for DOD and IC communities to include initial and crossover clearances, continuous evaluation, reporting requirements, and visit requests
  • Maintains clearance databases and tools to manage clearance related activities
  • Serves as a point of contact to employees, managers, and other security personnel during the clearance process and interface with DOD and IC customers on clearance and compliance standards
  • Contributes to management reports, compliance metrics and audit issues and consult on remediation for reports
  • Manage clearance processing activities assisting the Facility Security Officer (FSO) and the Contractor Specialist Security Officer (CSSO) where applicable
  • Understands and stay updated on Microsoft, DOD and IC policy changes and implement them where applicable
  • Works with some of Microsoft's most important, most demanding customers and partners and will be responsible for all aspects of our services business including: customer satisfaction, services delivery, and operations
  • Conduct routine process assessments by reviewing documentation and monitoring results
  • analyze information to understand what stakeholders can do differently, collaborate with the team to remediate gaps, and drive efficiency for programs
  • Fulltime
Read More
Arrow Right

Cyber Security Specialist

Currently for our Client from banking industry we are looking for a Cyber Securi...
Location
Location
Poland , Gdynia
Salary
Salary:
Not provided
astek.pl Logo
Astek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Previous experience on similar position
  • Strong understanding of security domains, especially security findings assessment and remediation areas, supported by at least 2 years of experience
  • Governance knowledge, proven by experience in at least one of the security findings fields: Workstation vulnerabilities, Servers vulnerabilities, Baseline deviations, Containers vulnerabilities, Static Application Security Testing (SAST), External Attack Surface Management (EASM) findings Threat Modelling findings, API-related findings
  • Advanced trouble-shooting and conceptual skills with the ability to come up with solutions to uncommon problems related to remediation actions
  • Good understanding of risk based approach and risk management
  • Experience in cross-organizational collaboration/negotiation
  • Prepare and deliver presentations to stakeholders, clearly communicating remediation progress, risks, and strategic recommendations
  • Fluent English
Job Responsibility
Job Responsibility
  • Identifying remediation gaps and driving towards their resolution
  • Advising stakeholders on the available solutions and actions that must be undertaken
  • Analyzing scanning results to define concrete steps directed at de-risking the bank
  • Collaborating with remediation accountable and responsible stakeholders
  • Ensuring security findings are understood and remediation pace is adequate
  • Maintain a proactive approach to governance and demonstrate autonomy in task execution
What we offer
What we offer
  • Long-term collaboration
  • Technical training, certifications, and skills development
  • Competence Center mentoring – being a member of the Competence Center community from day one is an opportunity to develop your skills, participate in various conferences, and share knowledge and experience with people who face the same challenges every day
  • Clear career path
  • Employee benefits package (Multisport, private healthcare, life insurance, subsidized city card)
  • Friendly working atmosphere, team-building events, and team-building meetings
Read More
Arrow Right

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location
Location
Italy , Milan
Salary
Salary:
Not provided
prima.it Logo
Prima
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility
Job Responsibility
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer
What we offer
  • Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both
  • Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you
  • Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy