CrawlJobs Logo

Cyber Security Governance Specialist

prima.it Logo

Prima

Location Icon

Location:
Spain , Madrid

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Are you looking for a new challenge? Fancy helping us shape the future of motor insurance? Prima could be the place for you. Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain. To help fuel that growth, we need a Cyber Security Governance Specialist to join our Security Team. The Engineering Department is the beating heart of Prima. You’ll be joining over 300 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.

Job Responsibility:

  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics

Requirements:

  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams

Nice to have:

  • Certifications such as CISSP, CISM, CRISC, ISO/IEC-27001 Lead Implementer/Lead Auditor, ISO 22301
  • Exposure to Business Continuity Management and recovery planning
  • Experience supporting regulatory compliance for new digital operational resilience standards (e.g., DORA)
What we offer:
  • Work from home, the office or a mix of both
  • work from anywhere for up to 30 days a year
  • access to learning resources, mentorship and a growth plan tailored to you
  • private healthcare, gym discounts, wellbeing programs and mental health support

Additional Information:

Job Posted:
January 25, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Prima - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cyber Security Governance Specialist

Information Assurance Specialist

The Information Assurance/Security Engineer will provide security engineering an...
Location
Location
United States , Bethesda
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI Clearance with CI Polygraph
  • Bachelor’s degree in Network Engineering, Computer Science or related technical field plus 5-7 years of Cyber Security/Operations support
  • DoD 8140 IAT Level II Certification (CCNA-Security, CySA+, CND, Security+)
  • Documenting network schemas and cyber operation tool solutions
  • Knowledgeable regarding compliance with: ICD 503, FISMA, OMB, NIST, and DoD (8150.01 March 12, 2014) [Risk Management Framework and Cyber Network Defense…], and other mandated security regulations and standards
  • Knowledge and experience with managing and monitoring compliance with Privileged User Access (PUA), Data Transfer Access (DTA), and Removable Media Custodian (RMC) privileges, forms, and signatures
  • Support to vulnerability management, patching, information assurance and/or ATO process for Classified DoD or IC environments
  • Demonstrated documentation writing for security plans, tests, and reports
  • Must demonstrate strong teamwork, communication (both verbal and written), and presentation skills
  • Must demonstrate strong initiative to accept new technical challenges in complex security engineering assignments
Job Responsibility
Job Responsibility
  • Provide security engineering and information assurance support to the Government’s Assessment and Authorization (A&A) process to maintain Authority to Operate (ATO) and Authority to Connect (ATC) for mission applications and services
  • Designs, develops, monitors and documents security controls, security testing, security reporting, and plan of actions and milestones (POA&Ms) throughout systems and application lifecycles in support of mission systems
  • Provides security engineering design inputs, security design reviews, and security best practices as part of technical and change requests
  • Configures and validates secure systems, physical controls, and tests security products and systems to detect security weaknesses
  • Maintains XACTA security records for supported systems
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location
Location
Portugal , Lisboa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Read More
Arrow Right

Senior Information Technology Specialist

Barbaricum is currently seeking a proficient Senior Information Technology Speci...
Location
Location
United States , Fort Belvoir
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Secret Clearance
  • Bachelor’s degree and 10 years of relevant experience
Job Responsibility
Job Responsibility
  • Support the resolution of IT and system problems, to recommend solutions to higher level IT specialists and management, and to meet assignments as estimated and scheduled
  • Provides technical advice to IT and other professionals and the client
  • Support backup and disaster recovery, cyber security, monitoring, auditing, and compliance, troubleshooting and resolving end user support issues, and delivery of technology solutions
  • Provide verification of operational status of government computer systems and related third party interfaces and comply with Federal regulations, policies, codes, and security and safety standards
  • Experience supporting and managing cloud instance by utilizing elastic cloud computing for resourcing needs
Read More
Arrow Right

Supplier Governance Manager

The role reports into the Senior Manager of Governance and Reporting in our Pers...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated experience in supplier / vendor management, procurement, or contract administration
  • Strong understanding of governance, risk, and compliance ideally within the financial services industry
  • Excellent verbal and written communication skills
  • Demonstrated understanding of cyber security standards, IT systems, and risk management practices
  • Experience working across Enterprise Risk, Operational Risk, Governance, Legal, Compliance, or Regulatory Assurance
  • High attention to detail with focus on compliance and regulatory requirements
  • Strong analytical and problem-solving skills
  • Experience in managing and fostering strong relationships with internal teams and supplier partners
  • Ability to plan and prioritise effectively, organise tasks and manage competing resources and demands
  • Tertiary qualifications in a relevant discipline
Job Responsibility
Job Responsibility
  • Oversee the onboarding, renewal, and governance of supplier contracts
  • Ensure compliance with procurement, cyber security, IT, as well as risk and regulatory standards
  • Work closely with internal teams to manage supplier supervision and monitoring programs
  • Assess suppliers required to be onboarded
  • Provide oversight over end-to-end supplier onboarding, contract renewals and variations, document execution, supplier governance, and offboarding
  • Oversee negotiations with suppliers
  • Work closely with the Cyber Governance team
  • Maintain accurate records of supplier agreements, risk assessments, compliance documentation, and supervision and monitoring routines
  • Facilitate supervision and monitoring routines
  • Assist with analysing the effectiveness of supplier partnerships
What we offer
What we offer
  • Inclusive Culture
  • Flexible Work-Life Balance
  • Career Development
  • Financial and Well-being Perks
  • Fulltime
Read More
Arrow Right

TPRM Specialist

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
levy-professionals.com Logo
Levy Professionals
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility
Job Responsibility
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur
Read More
Arrow Right

Cloud Cyber Security Solutions Architect

Location
Location
Canada , Ottawa
Salary
Salary:
Not provided
myticas.com Logo
Myticas Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in IT / Cyber Security (cloud environments)
  • 3+ years as a Cloud Security Architect or senior specialist
  • experience in regulated enterprise environments
  • strong experience with cloud security architecture and governance
  • proven ability to assess security posture and define target-state architecture
  • experience with risk assessment, control gaps, and remediation
  • must be eligible for Secret clearance
  • must have required hardware for secure remote access (Windows 11, MFA capability, etc.)
Job Responsibility
Job Responsibility
  • Provide cloud security, cyber security, and technology risk advisory services
  • assess current and target-state cloud security architectures
  • identify security risks, control gaps, and recommend mitigation strategies
  • design and govern cloud security controls (IAM, network security, data protection, monitoring)
  • develop security standards, policies, and reusable architecture artifacts
  • conduct threat modelling for cloud and migration initiatives
  • translate technical risks into business impacts and recommendations
  • support implementation, governance, and compliance activities
  • deliver documentation, reporting, and stakeholder presentations
  • provide SME guidance and knowledge transfer to internal teams
Read More
Arrow Right
New

Cyber Security Specialist

The Cyber Security Specialist will work as part of a team to deliver high qualit...
Location
Location
United Kingdom , Portsmouth
Salary
Salary:
33980.34 - 36035.26 GBP / Year
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Excellent experience of working in a support environment and understanding customer needs
  • Qualification or Industry experience of working within Cyber Security
  • Good level of understanding of Hardware, Virtualisation, Active Directory and Software
  • Good level of understanding of Microsoft Active Directory including Azure AD
  • Strong interpersonal skills, maintaining an approachable demeanour to aid a positive first impression and rapport building
  • Proficiency with a range of IT systems and software, including knowledge of operating systems, network fundamentals and common office applications.
Job Responsibility
Job Responsibility
  • Deliver high quality customer support in the troubleshooting and resolution of technical support issues
  • Providing expertise to support the Planning and development of IT
  • Supporting 1st line teams
  • Update the ticketing system, ensuring the call has been logged and all notes, progress and required actions have been input promptly and accurately
  • Escalating and managing issues with 3rd line and 3rd parties
  • Assisting in projects as required
  • Resolving and assisting with general IT Support tickets
  • Provide: Desktop Support, Hardware Repairs, Software Installation as required
  • Support hardware refreshes
  • Where required, represent the college and or IT Team in meetings / presentations / Conferences
What we offer
What we offer
  • Annual Leave: 25 days total and closure for winter shutdown period in line with Hampshire County Council school holidays & statutory bank holidays
  • Pension: Generous Local Government pension
  • Learning & Development: Programmes by The Community Adult Education Department
  • Staff Development: Access to the College staff development programmes and CPD
  • Onsite Discounts: City of Portsmouth College Hair Salon & 50% off at the City of Portsmouth College Sports Centre
  • Online Discounts: Unidays, Student Beans, and Totum with a City of Portsmouth College email address
  • Parking: Free car parking across all campus sites (apart from Arundel)
  • Blue Light Card: providing several discounts for clothing, electrical goods, food and days out, even concert tickets!
  • Fulltime
Read More
Arrow Right

Security Assurance Program Manager

Microsoft's E+P (Edge & Platform) is looking for an exceptional business and tec...
Location
Location
United States , Reston
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 2+ years’ experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection OR equivalent experience
  • Or Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 1+ year(s) experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
Job Responsibility
Job Responsibility
  • Process Department of Defense (DOD) and Intelligence Community (IC) clearances for employees supporting the Air-gapped Cloud environments
  • Responsible for end-to-end personnel security processing for DOD and IC communities to include initial and crossover clearances, continuous evaluation, reporting requirements, and visit requests
  • Maintains clearance databases and tools to manage clearance related activities
  • Serves as a point of contact to employees, managers, and other security personnel during the clearance process and interface with DOD and IC customers on clearance and compliance standards
  • Contributes to management reports, compliance metrics and audit issues and consult on remediation for reports
  • Manage clearance processing activities assisting the Facility Security Officer (FSO) and the Contractor Specialist Security Officer (CSSO) where applicable
  • Understands and stay updated on Microsoft, DOD and IC policy changes and implement them where applicable
  • Works with some of Microsoft's most important, most demanding customers and partners and will be responsible for all aspects of our services business including: customer satisfaction, services delivery, and operations
  • Conduct routine process assessments by reviewing documentation and monitoring results
  • analyze information to understand what stakeholders can do differently, collaborate with the team to remediate gaps, and drive efficiency for programs
  • Fulltime
Read More
Arrow Right