Information Security Integration and Governance Specialist

Spain, Getafe Area · Job Posted February 22, 2026

Job Description

Within Airbus Defence and Space SAU, Corporate Security operates under a holistic approach, protecting our people, our industrial assets, our products and services and our information. Given the frame where we operate, the team is characterized by a culture of proactive risk management and rigorous regulatory compliance. Given the constant evolution of threats and regulatory frameworks, the role we seek to fill is essential for bridging the gap between corporate security requirements and the technical execution by the Digital team. We are looking for a professional with an integral vision to join our team as an Information Security Integration and Governance Specialist. This role is the strategic nexus between the corporation's security guidelines and the technical implementation by Digital, ensuring that protection standards are effectively translated into the daily technological architecture and operations. This position is crucial for keeping our risk posture under control and ensuring strict adherence to local and international regulations, directly contributing to the organization's resilience and compliance.

Job Responsibility

  • Strategic Interconnection: Act as the interface and point of contact between the Corporate Security area and the Digital area, translating security requirements into applicable technical solutions
  • Risk Management and Analysis: Lead the analysis, assessment, and treatment of security risks, identifying vulnerabilities and proposing countermeasures to mitigate the potential impact on company assets
  • Regulatory and Legal Compliance: Ensure strict knowledge of and compliance with applicable Spanish and international regulations (e.g. ENS, CCN-STIC, NIS2, CRA, ISO 27001, NATO, EU, PART-IS, CMMI, NIST), and actively participate in accreditation processes and system certification
  • Audit and Accreditation: Coordinate security audits (internal and external) and manage the necessary documentation and evidence for system accreditation processes
  • National networks: provide technical expertise and support to the Spanish NISO (National Information Security Officer) in evaluating and defining the security conditions required to answer the demands for different areas regarding interconnections and geographical extensions of our national network
  • Security Project Management: lead or participate in the management of key projects aimed at implementing, updating, or reinforcing security controls and tools
  • Deviation Management: administer and document the security deviation management process, evaluating its associated risk and establishing mitigation plans
  • Support the Spanish NISO in the implementation of the company digital security strategy within the framework of the national laws and regulations and in the implementation of technical and organizational measures to identify, resort and manage cyber security risks

Requirements

  • University degree in Computer Science, Engineering, Telecommunications, Information Systems, or a related field
  • Relevant industry certifications are highly valued (e.g. CISSP, CISM, CISA, ISO/IEC 27001 Lead Implementer/Auditor)
  • Deep understanding of risk analysis: proven experience leading and documenting comprehensive Information Security Risk Assessments (RAR) and defining effective mitigation strategies. Knowledge of MAGERIT and EBIOS methodologies and tools (Pilar / Fence)
  • Regulatory Compliance Mastery (ENS, CCN-STIC…)
  • Accreditation and Audit Management: extensive hands-on experience in managing security audits and supporting system accreditation/certification processes (e.g. ISO 27001, ENS compliance)
  • Penetration Test Coordination: experience coordinating penetration testing (overseeing the scope, evaluating technical results, and tracking remediation plans)
  • Security Architecture/Controls: solid understanding of technical security controls across network, system, and application layers, and the ability to interface with IT/DevOps teams
  • Security Project Management: Demonstrated ability to manage and deliver security implementation projects on time and within budget, translating high-level policy into actionable tasks
  • Deviation Management: experience defining, managing, and tracking security exceptions or deviations, including risk acceptance and compensating control documentation
  • Stakeholder communication: excellent written and verbal communication skills to effectively bridge the gap between Corporate Security management and IT operation teams
  • Tools such as: Jira, Confluence, ITIL, Ebios

Nice to have

  • Policy Development: Experience drafting, implementing, and enforcing corporate information security policies, standards, and procedures
  • Fluency in Spanish and English: given the specific Spanish compliance requirements and the international nature of Cybersecurity, full professional proficiency in both Spanish and English is strongly preferred

Similar Jobs for Information Security Integration and Governance Specialist

8 matching positions

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location: United States, Clarksburg
Salary: Not provided
Innovative Management & Technology Services
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime

Cybersecurity & Access Management – Senior Specialist

Lead the design, implementation, and continuous strengthening of cybersecurity p...
Salary: Not provided
HiRemoters
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in cybersecurity, information security, access governance, or IT security architecture roles
  • 8 years experience in cybersecurity, information security, access governance, or IT security architecture roles
  • Strong expertise in cybersecurity frameworks and standards (ISO 27001, NIST, CIS Controls, or equivalent)
  • Hands-on experience with identity and access management systems (Azure Active Directory, role-based access control models)
  • Experience securing cloud environments (Microsoft Azure security tools, security center, identity protection)
  • Knowledge of data protection technologies including encryption, secure data storage, and access monitoring
  • Experience with security monitoring tools, vulnerability management, and risk assessment methodologies
  • Understanding of secure architecture principles for CRM, ERP, and data platforms
  • Familiarity with API security, authentication protocols, and integration security controls
Job Responsibility
  • Design, implement, and manage cybersecurity framework across cloud platforms, enterprise systems, and data environments
  • Establish and maintain access governance policies, identity management standards, and role-based access controls across CRM, ERP, and data platforms
  • Continuously monitor and improve the security posture of digital ecosystem, including infrastructure, integrations, and user access patterns
  • Support secure onboarding of new systems, platforms, and integrations by embedding security principles into implementation processes
  • Lead cybersecurity risk assessments and vulnerability mitigation initiatives
  • Define and enforce cybersecurity governance standards across AGF’s digital ecosystem
  • Establish access governance frameworks, including identity lifecycle management and least-privilege principles
  • Contribute to enterprise governance decisions related to data protection, system access, and secure architecture
  • Support policy development related to information security, data protection, and secure systems usage
  • Serve as the technical lead for data protection compliance, including PDP-aligned security practices and access controls
What we offer
  • Flexible and Remote Working
  • Career Growth
  • Performance Recognition
  • Health and Fitness Benefits
  • Extra Paid Annual Leave
  • Special Birthday Perk
  • Fulltime

Security Governance Specialist

The Security Governance Specialist is a critical member of the Information Secur...
Location: Spain, Barcelona
Salary: Not provided
DocPlanner GmbH
Expiration Date: Until further notice
Requirements
  • ISO 27001 Lead Auditor or Implementer certification is highly desirable (but not essential)
  • Experience leading or taking part in internal and/or external audits
  • 5+ years of experience in information security governance
  • Knowledge of relevant security standards and frameworks (e.g., ISO 27001, NIST, SOC 2)
  • Experience of continuous compliance tooling (e.g. Vanta or Drata)
  • Strong understanding of regulatory requirements, such as GDPR
  • Excellent communication and collaboration skills, with the ability to work across various departments
  • Strong analytical and problem-solving skills
  • Detail-oriented with a commitment to maintaining accuracy in documentation
  • Ability to adapt to a dynamic and fast-paced environment
Job Responsibility
  • Develop and maintain information security policies, procedures, and standards in alignment with industry best practices, regulatory requirements, and organizational goals
  • Collaborate with stakeholders across the organization to ensure policies meet business needs while maintaining security standards
  • Establish and manage the security governance framework, ensuring consistency and accountability in security practices
  • Define and communicate governance-related roles and responsibilities within the organization
  • Assist in identifying and understanding regulatory requirements and standards relevant to the organization (e.g., SOC 2, ISO 27001)
  • Ensure that security practices and policies align with compliance requirements and facilitate compliance assessments and audits
  • Contribute to the development of security awareness programs and training materials
  • Collaborate with the Security Awareness and Training Specialist to educate employees about security policies and best practices
  • Maintain a repository of security policies, procedures, and standards
  • Prepare and distribute reports on compliance status, governance efforts, and security metrics to management
What we offer
  • True flexibility and work-life balance
  • Remote or hybrid work model with our hub in Barcelona
  • Flexible working hours
  • Summer intensive schedule during July and August (work 7 hours, finish earlier)
  • 23 paid holidays, with exchangeable local bank holidays
  • Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
  • Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental)
  • Access to hundreds of gyms for a symbolic fee in partnership for you and your family
  • Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling
  • Free English and Spanish classes
  • Fulltime

Security Governance Specialist

The Security Governance Specialist is a critical member of the Information Secur...
Location: Poland, Warsaw
Salary: Not provided
DocPlanner GmbH
Expiration Date: Until further notice
Requirements
  • ISO 27001 Lead Auditor or Implementer certification is highly desirable (but not essential)
  • Experience leading or taking part in internal and/or external audits
  • 5+ years of experience in information security governance
  • Knowledge of relevant security standards and frameworks (e.g., ISO 27001, NIST, SOC 2)
  • Experience of continuous compliance tooling (e.g. Vanta or Drata)
  • Strong understanding of regulatory requirements, such as GDPR
  • Excellent communication and collaboration skills, with the ability to work across various departments
  • Strong analytical and problem-solving skills
  • Detail-oriented with a commitment to maintaining accuracy in documentation
  • Ability to adapt to a dynamic and fast-paced environment
Job Responsibility
  • Develop and maintain information security policies, procedures, and standards in alignment with industry best practices, regulatory requirements, and organizational goals
  • Collaborate with stakeholders across the organization to ensure policies meet business needs while maintaining security standards
  • Establish and manage the security governance framework, ensuring consistency and accountability in security practices
  • Define and communicate governance-related roles and responsibilities within the organization
  • Assist in identifying and understanding regulatory requirements and standards relevant to the organization (e.g., SOC 2, ISO 27001)
  • Ensure that security practices and policies align with compliance requirements and facilitate compliance assessments and audits
  • Contribute to the development of security awareness programs and training materials
  • Collaborate with the Security Awareness and Training Specialist to educate employees about security policies and best practices
  • Maintain a repository of security policies, procedures, and standards
  • Prepare and distribute reports on compliance status, governance efforts, and security metrics to management
What we offer
  • True flexibility and work-life balance
  • Remote or hybrid work model with our hub in Warsaw
  • Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly)
  • 20/26 days of paid time off (depending on your contract)
  • Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
  • Private healthcare plan with Signal Iduna for you and subsidized for your family
  • Multisport card co-financing for you to have access to sports facilities across Poland
  • Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling
  • Free English and Spanish classes
  • Fulltime

TPRM Specialist

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location: Netherlands, Amsterdam
Salary: Not provided
Levy Professionals
Expiration Date: Until further notice
Requirements
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur

Data Protection Adviser

As the Data Protection Adviser, you will support the GDPR Compliance Lead to cha...
Location: United Kingdom
Salary: Not provided
Perspective Financial Group Ltd
Expiration Date: Until further notice
Requirements
  • Three or more years of experience in data protection compliance, information governance or related field
  • A degree, relevant certifications (e.g., CISSP, CISM, ISO 27001) or equivalent work-related attainment or experience
  • Strong leadership and decision-making skills, with the ability to manage and mitigate organisational risk
  • Excellent communication skills, capable of translating complex security concepts for technical and non-technical audiences
  • Experience of implementing DPIAs, LIAs, Data Processing and Sharing Agreements
  • Proven experience in developing and implementing policy and strategy in data protection and information governance
  • Expertise in information assurance, risk management, audit, and stakeholder engagement
  • Experience of using Data Security and Protection applications such as Microsoft Purview
  • Excellent verbal and written communication skills, with strong attention to detail
Job Responsibility
  • Support the business for staff members on matters related to information governance and data protection
  • Support the creation and maintenance of company policies that enable compliance with UK GDPR and information governance best practice
  • Regular evaluation of the existing data protection information governance framework to identify areas of no or partial compliance, and rectify any issues, and continuous improvement
  • Develop training and provide advice to staff members on information governance and data protection
  • Promote a culture of data protection compliance and information governance best practice across all areas of the business
  • Carry out day to day UK GDPR and information governance activities
  • Manage and support the response to UK GDPR Data Subject Rights Requests in a timely and compliant manner
  • Support the timely management of data breach incidents and information governance incidents, including carrying out investigations, root cause analysis, MI and managing external reporting where required
  • Monitor and develop training for information governance and data protection
  • Maintain the organisation’s Record of Processing Activities (RoPA), Statement of Applicability (SOA), Retention Schedule and regulatory requirements
What we offer
  • 25 days holiday (rising with length of service) plus Bank Holidays
  • Birthday Leave
  • Holiday Purchase Scheme
  • Life Assurance
  • Pension
  • Corporate Eyecare
  • Extras Discount shopping discounts
  • Cyclescheme
  • Employee Referral Scheme
  • Learning & Development Programme (Perspective Academy)
  • Fulltime

Information Assurance Specialist Manager

At Boeing, we innovate and collaborate to make the world a better place. We’re c...
Location: United States, Wichita
Salary: 107400.00 - 164700.00 USD / Year
Boeing
Expiration Date: Until further notice
Requirements
  • High School Diploma or GED
  • 5+ years of related professional experience
  • Ability to obtain a U.S. Secret Security Clearance and Special Program Access (for which the U.S. Government requires U.S. Citizenship)
Job Responsibility
  • First Level Manager will be responsible for managing personnel that monitor laws, regulations, industry standards, and best practices related to confidentiality, integrity and availability of information and ensure the implementation of these standards in the organization as required
  • Develop, maintain, and interpret policies and procedures related to the protection of systems, networks, people, information, and property
  • Perform compliance and assessment activities related to information security, data privacy, incident management, and risk management
  • Collaboratively develop risk mitigation plans with subject matter experts and ensure accountability for these actions
  • Assess compliance, security, and control risks related to information systems and technical infrastructure
  • Develop training and education materials and promote information security awareness
  • Translate complex, technical concepts into business-relevant terms to facilitate effective decision making by non-technical personnel
  • Support audit activities - both internal and external, related to information security
  • May oversee and manage the DoD accreditation of secure operating systems and networks
  • Collaborate with federal oversight/regulatory agencies to ensure company/program compliance with DoD requirements
What we offer
  • health insurance
  • flexible spending accounts
  • health savings accounts
  • retirement savings plans
  • life and disability insurance programs
  • programs that provide for both paid and unpaid time away from work
  • generous company match to your 401(k)
  • industry-leading tuition assistance program pays your institution directly
  • fertility, adoption, and surrogacy benefits
  • up to $10,000 gift match when you support your favorite nonprofit organizations
  • Fulltime

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location: Portugal, Lisboa
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles