CrawlJobs Logo

Information Security Integration and Governance Specialist

airbus.com Logo

Airbus

Location Icon

Location:
Spain , Getafe Area

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Within Airbus Defence and Space SAU, Corporate Security operates under a holistic approach, protecting our people, our industrial assets, our products and services and our information. Given the frame where we operate, the team is characterized by a culture of proactive risk management and rigorous regulatory compliance. Given the constant evolution of threats and regulatory frameworks, the role we seek to fill is essential for bridging the gap between corporate security requirements and the technical execution by the Digital team. We are looking for a professional with an integral vision to join our team as an Information Security Integration and Governance Specialist. This role is the strategic nexus between the corporation´s security guidelines and the technical implementation by Digital, ensuring that protection standards are effectively translated into the daily technological architecture and operations. This position is crucial for keeping our risk posture under control and ensuring strict adherence to local and international regulations, directly contributing to the organizatións resilience and compliance.

Job Responsibility:

  • Strategic Interconnection: Act as the interface and point of contact between the Corporate Security area and the Digital area, translating security requirements into applicable technical solutions
  • Risk Management and Analysis: Lead the analysis, assessment, and treatment of security risks, identifying vulnerabilities and proposing countermeasures to mitigate the potential impact on company assets
  • Regulatory and Legal Compliance: Ensure strict knowledge and compliance with Spanish and international applicable regulations (eg ENS, CCN-STIC, NIS2, CRA, ISO 27001, NATO, EU, PART-IS, CMMI, NIST), as well as actively participating in accreditation processes and system certification
  • Audit and Accreditation: Coordinate security audits (internal and external) and manage the necessary documentation and evidence for system accreditation processes
  • National networks: provide technical expertise and support to the Spanish NISO (National Information Security Officer) in evaluating and defining the security conditions required to answer the demands for different areas regarding interconnections and geographical extensions of our national network
  • Security Project Management: lead or participate in the management of key projects aimed at implementing, updating, or reinforcing security controls and tools
  • Deviation Management: administer and document the security deviation management process, evaluating its associated risk and establishing mitigation plans
  • Support the Spanish NISO in the implementation of the company digital security strategy within the framework of the national laws and regulations and in the implementation of technical and organization measures to identify, resort and manage cyber security risks

Requirements:

  • University degree in Computer Science, Engineering, Telecommunications, Information Systems, or a related field
  • Relevant industry certifications are highly valued (e.g. CISSP, CISM, CISA, ISO/IEC 27001 Lead Implementer/Auditor)
  • Deep understanding of risk analysis: proven experience leading and documenting comprehensive Information Security Risk Assessments (RAR) and defining effective mitigation strategies. Knowledge of MAGERIT and EBIOS methodologies and tools (Pilar / Fence)
  • Regulatory Compliance Mastery (ENS, CCN-STIC…)
  • Accreditation and Audit Management: extensive hands-on experience in managing security audits and supporting system accreditation/certification processes (eg. ISO 27001, ENS compliance)
  • Penetration Test Coordination: experience coordinating penetration testing (overseeing the scope, evaluating technical results, and tracking remediation plans)
  • Security Architecture/Controls: solid understanding of technical security controls across network, system, and application layers, and the ability to interface with IT/DevOps teams
  • Security Project Management: Demonstrated ability to manage and deliver security implementation projects on time and within budget, translating high-level policy into actionable tasks
  • Deviation Management: experience defining, managing, and tracking security exceptions or deviations, including risk acceptance and compensating control documentation
  • Stakeholder communication: excellent written and verbal communication skills to effectively bridge the gap between Corporate Security management and IT operation teams
  • Tools such as: Jira, Confluence, ITIL, Ebios

Nice to have:

  • Policy Development: Experience drafting, implementing, and enforcing corporate information security policies, standards, and procedures
  • Fluency in Spanish and English: given the specific Spanish compliance requirements and the international nature of Cybersecurity, full professional proficiency in both Spanish and English is strongly preferred

Additional Information:

Job Posted:
February 22, 2026

Employment Type:
Fulltime
Icon
Airbus - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Integration and Governance Specialist

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in pr...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
  • Minimum 7 years of experience in information security, IT risk management, or related roles, preferably in federal or state government environments
  • Strong knowledge of federal cybersecurity frameworks including NIST SP 800-53, OWASP Top 10, DISA STIGs, and Common Criteria
  • Hands-on experience with networking concepts, system administration, and software development practices
  • Proficiency in using Splunk or comparable SIEM tools for security event monitoring, audit log analysis, and incident response
  • Experience working within Agile or Scaled Agile Framework (SAFe) teams and integrating security in fast-paced development environments
  • Excellent communication skills with the ability to convey complex security concepts to technical and non-technical audiences
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical security controls to verify their effectiveness during all phases of the system lifecycle
  • Identify, evaluate, and mitigate technical and operational security risks, threats, vulnerabilities, and weaknesses across diverse information systems
  • Drive compliance efforts with government standards and industry best practices, including NIST, OWASP, Common Criteria, DISA, and SANS Institute guidelines
  • Collaborate within Agile development teams to integrate security throughout the software development lifecycle, supporting secure design, testing, and deployment
  • Utilize hands-on expertise in networking, system administration, and software development to analyze security impacts and recommend improvements
  • Oversee audit log reviews and system alerting using Splunk or similar SIEM platforms to detect, investigate, and respond to security incidents
  • Communicate security findings clearly and effectively to technical teams and leadership, fostering a culture of security awareness and continuous improvement
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Cybersecurity & Access Management – Senior Specialist

Lead the design, implementation, and continuous strengthening of cybersecurity p...
Location
Location
Salary
Salary:
Not provided
hiremoters.ai Logo
HiRemoters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in cybersecurity, information security, access governance, or IT security architecture roles
  • 8 years experience in cybersecurity, information security, access governance, or IT security architecture roles
  • Strong expertise in cybersecurity frameworks and standards (ISO 27001, NIST, CIS Controls, or equivalent)
  • Hands-on experience with identity and access management systems (Azure Active Directory, role-based access control models)
  • Experience securing cloud environments (Microsoft Azure security tools, security center, identity protection)
  • Knowledge of data protection technologies including encryption, secure data storage, and access monitoring
  • Experience with security monitoring tools, vulnerability management, and risk assessment methodologies
  • Understanding of secure architecture principles for CRM, ERP, and data platforms
  • Familiarity with API security, authentication protocols, and integration security controls
Job Responsibility
Job Responsibility
  • Design, implement, and manage cybersecurity framework across cloud platforms, enterprise systems, and data environments
  • Establish and maintain access governance policies, identity management standards, and role-based access controls across CRM, ERP, and data platforms
  • Continuously monitor and improve the security posture of digital ecosystem, including infrastructure, integrations, and user access patterns
  • Support secure onboarding of new systems, platforms, and integrations by embedding security principles into implementation processes
  • Lead cybersecurity risk assessments and vulnerability mitigation initiatives
  • Define and enforce cybersecurity governance standards across AGF’s digital ecosystem
  • Establish access governance frameworks, including identity lifecycle management and least-privilege principles
  • Contribute to enterprise governance decisions related to data protection, system access, and secure architecture
  • Support policy development related to information security, data protection, and secure systems usage
  • Serve as the technical lead for data protection compliance, including PDP-aligned security practices and access controls
What we offer
What we offer
  • Flexible and Remote Working
  • Career Growth
  • Performance Recognition
  • Health and Fitness Benefits
  • Extra Paid Annual Leave
  • Special Birthday Perk
  • Fulltime
Read More
Arrow Right

Security Governance Specialist

The Security Governance Specialist is a critical member of the Information Secur...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
docplanner.com Logo
DocPlanner GmbH
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • ISO 27001 Lead Auditor or Implementer certification is highly desirable (but not essential)
  • Experience leading or taking part in internal and or external audits
  • 5+ years of experience in information security governance
  • Knowledge of relevant security standards and frameworks (e.g., ISO 27001, NIST, SOC 2)
  • Experience of continuous compliance tooling (eg Vanta or Drata)
  • Strong understanding of regulatory requirements, such as GDPR
  • Excellent communication and collaboration skills, with the ability to work across various departments
  • Strong analytical and problem-solving skills
  • Detail-oriented with a commitment to maintaining accuracy in documentation
  • Ability to adapt to a dynamic and fast-paced environment
Job Responsibility
Job Responsibility
  • Develop and maintain information security policies, procedures, and standards in alignment with industry best practices, regulatory requirements, and organizational goals
  • Collaborate with stakeholders across the organization to ensure policies meet business needs while maintaining security standards
  • Establish and manage the security governance framework, ensuring consistency and accountability in security practices
  • Define and communicate governance-related roles and responsibilities within the organization
  • Assist in identifying and understanding regulatory requirements and standards relevant to the organization (e.g., SOC 2, ISO 27001)
  • Ensure that security practices and policies align with compliance requirements and facilitate compliance assessments and audits
  • Contribute to the development of security awareness programs and training materials
  • Collaborate with the Security Awareness and Training Specialist to educate employees about security policies and best practices
  • Maintain a repository of security policies, procedures, and standards
  • Prepare and distribute reports on compliance status, governance efforts, and security metrics to management
What we offer
What we offer
  • True flexibility and work-life balance
  • Remote or hybrid work model with our hub in Barcelona
  • Flexible working hours
  • Summer intensive schedule during July and August (work 7 hours, finish earlier)
  • 23 paid holidays, with exchangeable local bank holidays
  • Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
  • Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental)
  • Access to hundreds of gyms for a symbolic fee in partnership for you and your family
  • Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling
  • Free English and Spanish classes
  • Fulltime
Read More
Arrow Right

Security Governance Specialist

The Security Governance Specialist is a critical member of the Information Secur...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
docplanner.com Logo
DocPlanner GmbH
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • ISO 27001 Lead Auditor or Implementer certification is highly desirable (but not essential)
  • Experience leading or taking part in internal and or external audits
  • 5+ years of experience in information security governance
  • Knowledge of relevant security standards and frameworks (e.g., ISO 27001, NIST, SOC 2)
  • Experience of continuous compliance tooling (eg Vanta or Drata)
  • Strong understanding of regulatory requirements, such as GDPR
  • Excellent communication and collaboration skills, with the ability to work across various departments
  • Strong analytical and problem-solving skills
  • Detail-oriented with a commitment to maintaining accuracy in documentation
  • Ability to adapt to a dynamic and fast-paced environment
Job Responsibility
Job Responsibility
  • Develop and maintain information security policies, procedures, and standards in alignment with industry best practices, regulatory requirements, and organizational goals
  • Collaborate with stakeholders across the organization to ensure policies meet business needs while maintaining security standards
  • Establish and manage the security governance framework, ensuring consistency and accountability in security practices
  • Define and communicate governance-related roles and responsibilities within the organization
  • Assist in identifying and understanding regulatory requirements and standards relevant to the organization (e.g., SOC 2, ISO 27001)
  • Ensure that security practices and policies align with compliance requirements and facilitate compliance assessments and audits
  • Contribute to the development of security awareness programs and training materials
  • Collaborate with the Security Awareness and Training Specialist to educate employees about security policies and best practices
  • Maintain a repository of security policies, procedures, and standards
  • Prepare and distribute reports on compliance status, governance efforts, and security metrics to management
What we offer
What we offer
  • True flexibility and work-life balance
  • Remote or hybrid work model with our hub in Warsaw
  • Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly)
  • 20/26 days of paid time off (depending on your contract)
  • Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
  • Private healthcare plan with Signal Iduna for you and subsidized for your family
  • Multisport card co-financing for you to have access to sports facilities across Poland
  • Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling
  • Free English and Spanish classes
  • Fulltime
Read More
Arrow Right

TPRM Specialist

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
levy-professionals.com Logo
Levy Professionals
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility
Job Responsibility
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur
Read More
Arrow Right

Data Protection Adviser

As the Data Protection Adviser, you will support the GDPR Compliance Lead to cha...
Location
Location
United Kingdom
Salary
Salary:
Not provided
pfgl.co.uk Logo
Perspective Financial Group Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Three or more years of experience in data protection compliance, information governance or related field
  • A degree, relevant certifications (e.g., CISSP, CISM, ISO 27001) or equivalent work-related attainment or experience
  • Strong leadership and decision-making skills, with the ability to manage and mitigate organisational risk
  • Excellent communication skills, capable of translating complex security concepts for technical and non-technical audiences
  • Experience of implementing DPIAs, LIAs, Data Processing and Sharing Agreements
  • Proven experience in developing and implementing policy and strategy in data protection and information governance
  • Expertise in information assurance, risk management, audit, and stakeholder engagement
  • Experience of using Data Security and Protection applications such as Microsoft Purview
  • Excellent verbal and written communication skills, with strong attention to detail
Job Responsibility
Job Responsibility
  • Support the business for staff members on matters related to information governance and data protection
  • Support the creation and maintenance of company policies that enable compliance with UK GDPR and information governance best practice
  • Regular evaluation of the existing data protection information governance framework to identify areas of no or partial compliance, and rectify any issues, and continuous improvement
  • Develop training and provide advice to staff members on information governance and data protection
  • Promote a culture of data protection compliance and information governance best practice across all areas of the business
  • Carry out day to day UK GDPR and information governance activities
  • Manage and support the response to UK GDPR Data Subject Rights Requests in a timely and compliant manner
  • Support the timely management of data breach incidents and information governance incidents, including carrying out investigations, route cause analysis, MI and managing external reporting where required
  • Monitor and develop training for information governance and data protection
  • Maintain the organisation’s Record of Processing Activities (RoPA), Statement of Applicability (SOA), Retention Schedule and regulatory requirements
What we offer
What we offer
  • 25 days holiday (rising with length of service) plus Bank Holidays
  • Birthday Leave
  • Holiday Purchase Scheme
  • Life Assurance
  • Pension
  • Corporate Eyecare
  • Extras Discount shopping discounts
  • Cyclescheme
  • Employee Referral Scheme
  • Learning & Development Programme (Perspective Academy)
  • Fulltime
Read More
Arrow Right

Specialist IS Security Engineer – Identity Management

Join our team at AMGEN Capability Center Portugal, the #1 company in Best Workpl...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s degree and 4 years of Information Systems or Information Security experience
  • Bachelor’s degree and 6 years of Information Systems or Information Security experience
  • Associate’s degree and 8 years of Information Systems or Information Security experience
  • Strong experience with identity and access management (IAM) and identity security solutions
  • Hands-on experience integrating SailPoint with enterprise applications (on-prem and cloud)
  • Solid understanding of identity governance concepts, including RBAC, access certifications, least privilege, and user lifecycle management
  • Proficiency with identity platforms such as SailPoint, Okta, Azure AD / Entra ID
  • Knowledge of authentication and provisioning protocols (SCIM, SAML, OAuth, OpenID Connect)
  • Experience working with APIs and secure integration patterns
  • Strong understanding of directory services (LDAP, Active Directory)
Job Responsibility
Job Responsibility
  • Design, implement, administer, and maintain security controls for Amgen’s identity and access management ecosystem, including provisioning, authentication, and authorization systems
  • Engineer and support secure identity provisioning solutions aligned with IAM and RBAC frameworks across on-premises and cloud environments
  • Serve as a security engineering lead for IdM and access-related initiatives, ensuring solutions meet security architecture standards, governance requirements, and regulatory expectations
  • Conduct security reviews, threat modeling, and risk assessments for identity-related systems and integrations
  • Partner with project and application teams to embed security best practices into system designs, configurations, and deployments
  • Monitor security, operational, and performance metrics for managed systems
  • develop KPIs to track security posture, availability, and growth trends
  • Support incident response activities related to identity, access, and authentication issues, including investigation, containment, remediation, and documentation
  • Develop and maintain security documentation, including system security designs, operational procedures, incident response playbooks, and access control policies
  • Evaluate emerging security tools, technologies, and industry trends to continuously improve identity and access security capabilities
What we offer
What we offer
  • Work That Matters – Build tech that accelerates scientific breakthroughs and helps patients worldwide
  • Modern Tech Stack – Cloud-first, automation-focused, AI-powered
  • Global Scale, Agile Mindset – Collaborate across continents while working in nimble, high-impact teams
  • Continuous Learning – Access to certifications, trainings, mentorship, and career mobility
  • AMGEN Total Rewards Plan – Comprehensive benefits in healthcare, finance, and well-being
  • Flexibility – Hybrid work model with time split between our Lisbon office and remote work
  • Fulltime
Read More
Arrow Right

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location
Location
Portugal , Lisboa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Read More
Arrow Right
Remote jobs Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog Salaries About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy