Information Security Governance, Risk, and Compliance Analyst

OneTrust develops technology that supports responsible data and AI practices. Since 2016, the company has helped organizations manage data ethically while maintaining momentum in innovation. The AI-Ready Governance Platform™ combines regulatory insights, automation, and unified workflows to help businesses worldwide ensure data reliability and responsible growth. Role overview The Information Security Governance, Risk, and Compliance (GRC) Analyst works within the InfoSec GRC group, collaborating with IT and Information Security teams. The analyst manages a variety of governance, risk, and compliance activities to support OneTrust’s security posture. Main responsibilities Customer Security Assurance & Questionnaires Manage a large volume of customer security questionnaires (CAQs), RFP security sections, and assurance documents such as SIG, CAIQ, and custom questionnaires from start to finish. Deliver accurate, consistent responses using internal resources, including SOC reports, ISO certifications, company policies, standards, network diagrams, and penetration test summaries. Coordinate with teams across Sales, Marketing, Customer Success, Security, Engineering, Privacy, Legal, Compliance, and Product to confirm information and resolve any discrepancies. Customer Engagement & Security Discussions Communicate directly with customers and prospects about security controls, risk management practices, and compliance needs. Present security topics clearly, adapting the level of detail for both technical and non-technical audiences. Assist Sales and Customer Success teams by addressing security concerns, clarifying audit scopes, and supporting procurement activities. Location This role is based in Madrid, Spain.

Welcome! We are Fever, the premier tech platform for culture and live entertainment.Our mission is to democratize access to culture and entertainment. Utilizing our cutting-edge technology and data-driven strategies, we are transforming how audiences engage with live events. Each month, our platform captivates over 300 million individuals across more than 40 countries, guiding them to discover unforgettable experiences while empowering event creators with our innovative tools to scale, innovate, and enhance their offerings for broader audiences.Our achievements include partnerships with industry giants such as Netflix, F.C. Barcelona, and Primavera Sound, delivering internationally recognized experiences and supported by leading global investors! Exciting, right? We seek dedicated individuals with a proactive approach who are excited about shaping the future of entertainment!Ready to be part of this journey?Now, let’s explore the responsibilities of this role and how you can contribute to Fever’s mission.About the Role:The Information Security, Risk & Compliance Manager will be instrumental in crafting and executing our information security and cybersecurity compliance strategy, focusing on maintaining crucial certifications such as ISO 27001 and ENS, among others, while championing the company’s commitment to achieving top-tier security standards.The ideal candidate will collaborate with internal teams to assess and uphold information security policies, conduct risk assessments, align with governance frameworks, and manage responses to security questionnaires. Additionally, this role will assist in preparing for external audits and actively work to bolster the organization’s security posture by identifying areas for compliance enhancement. A strong understanding of security frameworks, governance processes, and risk management is essential to keep the organization's certifications and policies current.If you excel in a dynamic environment and are passionate about pushing the boundaries of what’s possible, this is your chance to make a significant impact in a fast-growing global leader.

Role overview atexis seeks a Technical Information Analyst in Madrid to work on security and defense support projects. This role centers on analyzing technical and operational data and turning it into insights that help guide decisions. The goal: strengthen how teams operate and respond to challenges. What you will do Review and interpret technical and operational information tied to security and defense work Deliver clear, actionable insights for decision-makers Support the development of strategies that enhance client safety and security Impact Work in this position directly shapes safer outcomes for clients and plays a key role in the success of security and defense projects at atexis.

Join Destinus Group as a Security & Compliance Manager and be at the forefront of safeguarding our operations while ensuring adherence to the highest compliance standards. In this pivotal role, you will lead the development and implementation of security policies, perform risk assessments, and work closely with various teams to enhance our security posture.The ideal candidate will possess a strong background in security management, compliance frameworks, and risk analysis. You will collaborate with cross-functional teams to create a culture of security awareness and compliance.

Location: Madrid, Comunidad de Madrid, Spain About SAMY SAMY helps brands connect and grow in a social-first world. With over 1,000 employees in 15+ offices across 18 countries, we deliver digital campaigns for more than 100 top clients in 55 markets. Our teams combine research, creative strategy, technology, and influencer marketing to build data-driven solutions that drive results. Role Overview SAMY is hiring an AI Governance Manager to strengthen our global Governance, Risk & Compliance (GRC) and AI governance programs. This leadership role will shape and advance our AI governance and compliance framework across all SAMY entities. The work splits evenly between managing operational risk and building new AI governance initiatives. What You Will Do AI Governance & Strategy Lead AI governance efforts across all SAMY entities Define policies, standards, and principles for responsible AI use Integrate AI governance into current GRC and security frameworks Act as the main point of contact for AI governance topics Risk Management & Compliance (50%) Build and maintain an AI risk management framework Identify, assess, and mitigate AI-related risks Ensure compliance with regulations such as the EU AI Act and GDPR Maintain a risk register and provide reports to leadership Support internal and external audits AI Governance Build & Innovation (50%) Design and implement an AI governance framework Define governance processes for the AI lifecycle and project approval Set up vendor and third-party risk management for AI solutions Develop a roadmap for governance maturity and promote adoption Stakeholder & Vendor Management Work with IT, Legal, HR, and business teams Manage relationships with external AI vendors and governance partners Who We’re Looking For We welcome candidates with experience in GRC, Information Security, Risk Management, or AI Governance. GRC professionals interested in moving into AI governance leadership are also encouraged to apply. Success in this role means bringing structure, ownership, and direction to a complex, international environment and supporting responsible AI adoption.

Hello! We are Fever, the premier technology platform dedicated to culture and live entertainment.Our vision? To make culture and entertainment accessible to everyone. Utilizing our advanced technology and data-centric approach, we are transforming how individuals connect with live entertainment. Each month, our platform motivates over 300 million people across more than 40 countries to uncover remarkable experiences while also equipping event creators with essential data and technology, enabling them to scale, innovate, and attract new audiences.Our achievements? We've collaborated with prominent industry figures such as Netflix, F.C. Barcelona, and Primavera Sound, created internationally acclaimed experiences, and gained the support of leading global investors! Quite impressive, right? To further our mission, we are in search of dynamic individuals with a proactive mindset who are enthusiastic about shaping the future of entertainment! Ready to embark on this journey with us?Now, let’s delve into the details of this role and how you will contribute to Fever’s mission.About the RoleAs a Supplier Risk & Compliance Specialist, you will be pivotal in enhancing Fever's supplier governance, compliance processes, and procurement tools on a global scale.This role emphasizes supplier risk management, compliance, and the governance of procurement tools, ensuring suppliers are onboarded, managed, and monitored in a structured, scalable, and compliant manner. You will collaborate closely with teams in Procurement, Trust & Safety, Cybersecurity, Legal, and Finance to boost visibility, traceability, and adoption across the organization.Key Responsibilities:Support the implementation of Fever’s policies and procedures regarding supplier risk and compliance.Conduct thorough risk assessments and audits of suppliers.Collaborate with cross-functional teams to enhance compliance frameworks.Monitor supplier performance and compliance metrics.

Role Overview MSX International is seeking a Software Compliance & SDLC Governance Lead in Madrid. This position focuses on maintaining strong compliance throughout the software development lifecycle. The role centers on improving governance, reducing risk, and upholding software quality standards. What You Will Do Lead efforts to strengthen software development governance and compliance. Identify and address risks within the SDLC. Work closely with cross-functional teams to put effective practices in place. Promote continuous improvement across all phases of software development. Collaboration This role involves frequent collaboration with colleagues from different departments to ensure compliance standards are met and maintained throughout every stage of the software lifecycle.

Role Overview Payoneer is hiring a Compliance Data Analyst for the Madrid office. This role focuses on analyzing data to support regulatory compliance and strengthen internal compliance processes. The position plays a key part in identifying risks and helping the company operate within legal requirements. Key Responsibilities Analyze data sets to monitor compliance with regulatory standards Support efforts to improve and update the compliance framework Identify and flag potential compliance risks using analytical methods Help ensure company operations align with legal obligations Location This position is based in Madrid, Spain.

Join our dynamic VANTAGE team at Control Risks as a Compliance Due Diligence Researcher, where your expertise will be vital in evaluating our clients' counterparties for potential reputational and compliance risks. This role demands a keen eye for detail and the ability to synthesize complex information swiftly.Your responsibilities will include conducting thorough media and database research, analyzing primary documents, and identifying politically exposed individuals and potential sanctions exposure. You will distill your findings into concise reports and collaborate with colleagues across the organization on various projects.As part of our compliance-driven approach, you will utilize your research skills to provide insights that help safeguard our clients' interests.

Join Syngenta Group as an ESG Reporting and Compliance Analyst, where you will play a pivotal role in driving our sustainability initiatives. In this position, you will be responsible for compiling, analyzing, and reporting on our environmental, social, and governance (ESG) performance metrics. Your insights will guide our decision-making processes and enhance our compliance with international standards.

Ebury empowers ambitious businesses to achieve global growth, and we extend this philosophy to our employees. We foster an innovative atmosphere that encourages collaboration, problem-solving, and a sense of belonging, where everyone is valued and supported to thrive.If you are a team player eager to reshape how businesses function worldwide, we invite you to connect with us—together, we can accelerate your career and influence the future.Data Analyst - Credit Risk & UnderwritingEbury (Madrid) Office - Hybrid: 4 days in the office, 1 day working from home per weekMissionJoin Ebury's Analytics team in Madrid to develop and enhance the data models and predictive frameworks that drive our Underwriting and Credit Risk decisions. Your role will encompass more than reporting; you will create scalable analytics solutions, train explainable ML models, and translate risk signals into actionable business strategies.What you’ll doDesign, build, and maintain robust dbt data models that convert raw data into analytics-ready assets for Credit Risk and Underwriting.Write and optimize complex SQL and Python pipelines to model credit outcomes and identify early warning signals.Train, validate, and document explainable ML models (e.g., logistic regression, gradient-boosted trees) to forecast defaults and portfolio behavior.Take ownership of key Underwriting and Credit Risk KPIs, ensuring that dashboards are precise and current.Create and manage dashboards in Sigma and Looker Studio that make risk data accessible to Business and Product stakeholders.Collaborate with Underwriting, Credit Risk, and Product teams to transform model outputs into strategic actions.What you'll ownThe comprehensive data modeling layer for Underwriting and Credit Risk analytics.Portfolio health monitoring and alerting framework.Documentation and explainability artifacts for all production ML models.Stakeholder-facing dashboards and regular risk reporting cadence.Tech stack & environmentLanguages: SQL, PythonData modeling: dbtBI / visualization: Sigma, Looker StudioML modeling: Predictive modeling (XGBoost, CatBoost, Scikit-learn)Cloud / warehouse: BigQuery, GCP

Join our dynamic team at SGS, where we are on a mission to enhance compliance through innovative solutions!The e-Compliance Business Analyst serves as a vital link between business stakeholders and technical teams, ensuring the successful implementation of electronic invoicing and electronic reporting solutions. In this role, you will gather requirements, analyze business processes, and deliver functional specifications that align with our organizational goals.Your expertise will be instrumental in understanding the diverse needs of multiple stakeholders. You will assess impacts across various business lines, functions, and solutions, translating these into well-documented requirements while supporting their prioritization.Adhering to agreed standards, you will apply appropriate techniques to analyze and document applications and business requirements, facilitate the creation of high-level and detailed functional designs, set acceptance criteria, review and validate testing plans, and oversee User Acceptance Testing (UAT). Collaboration with technical teams is key to ensuring that specifications are understood and implemented effectively. You will also assist in creating training materials and developing a robust knowledge base for application features.As part of the demand management process, you will provide thorough analysis of business requirements, offering insights into the complete backlog of demands, improvement opportunities, requested changes, required upgrades, and technology refresh initiatives.Your role will also involve supporting Service Managers by providing information and clarifications on functional requests related to the services offered.This multifaceted position includes, but is not limited to, the following responsibilities:Requirements Gathering & Analysis:Collaborate with business stakeholders to elicit, document, and validate statutory requirements and local regulations related to e-Compliance.Analyze existing business processes, identifying opportunities for improvement.Conduct workshops and prepare presentations to share insights and findings.Functional Design & Documentation:Create detailed functional specifications, user stories, and acceptance criteria for e-Compliance projects.Document workflows, data flows, and integration points with other systems (ERP, solution providers, government portals).Solution Delivery:Work closely with development teams to ensure requirements are correctly understood and implemented.Support testing phases (UAT, SIT) by preparing test cases and validating functionality against requirements.Performance & Optimization:Monitor post-implementation performance and assist in ongoing improvement initiatives.Stakeholder Communication:Prepare and deliver reports, dashboards, and presentations for business stakeholders.

Ebury empowers dynamic businesses to achieve global expansion, and we adopt the same philosophy with our team. We promote innovation and mobility, collaboration and problem-solving, nurturing an environment where each individual feels a sense of belonging, is appreciated, supported, and equipped for success.If you are a team player eager to revolutionize global business operations, reach out to us - we would be excited to explore how Ebury can enhance your career journey and help you shape the future.Financial Risk - CASS & Safeguarding ManagerEbury Madrid Office - Hybrid: 4 days in the office, 1 day working from home per weekRole Overview:Ebury is looking for a driven and detail-focused Financial Risk - CASS & Safeguarding Manager to play an essential role in ensuring the robust safeguarding of customer funds and compliance with relevant regulations, particularly regarding safeguarding requirements and applicable regulations of the Client Assets Sourcebook (CASS) or local equivalents.Located in our Madrid office, you will be tasked with establishing, maintaining, and overseeing the monitoring framework for safeguarding and CASS compliance throughout the organization. This role goes beyond safeguarding; you will also be a vital contributor to Ebury’s Financial Risk Management function. This position demands exceptional analytical skills, organizational capabilities, and the ability to collaborate with multiple internal stakeholders to ensure consistent implementation of risk standards.Key Responsibilities:Develop and Implement Monitoring Frameworks: Design, execute, and maintain thorough monitoring programs to evaluate the effectiveness of safeguarding arrangements and, where applicable, CASS compliance across all business sectors.Conduct Compliance Monitoring: Carry out regular monitoring tasks, which include but are not limited to:Reviewing and testing governance, procedures, and controls related to safeguarding and UK Client Money & Assets (CASS).Analyzing transaction data and reconciliation processes to detect potential breaches or vulnerabilities.Conducting thematic reviews and risk-based evaluations of safeguarding and CASS compliance.Performing on-site and remote inspections of operational processes.Identify and Report Findings: Meticulously document monitoring activities, findings, and recommendations in clear and concise reports.

Role overview N26 seeks a Banking Operations Analyst in Madrid with a focus on GDPR compliance. This position is responsible for making sure banking operations consistently uphold strict data protection and privacy standards. The work directly contributes to customer trust and helps maintain the quality of N26’s banking services. What you will do Review and analyze current operational processes to spot areas where data protection and privacy can be improved. Collaborate with teams across the company to ensure GDPR requirements are clearly understood and consistently applied. Support the implementation and ongoing maintenance of practices that keep N26’s operations in line with GDPR standards. Requirements Strong attention to detail and a systematic approach to compliance tasks. Genuine interest in operational excellence and data privacy. Comfort working with cross-functional teams and building effective collaboration.

Ebury’s Data Analytics & Compliance team is looking for a Data Analyst focused on Financial Crime Compliance Reporting. Based in Madrid, this hybrid role requires four days per week in the office and one remote day. The team’s work supports Ebury’s growth by building analytics and data models that help detect financial crime risks, monitor compliance, and fulfill regulatory obligations across multiple jurisdictions. Role overview This position centers on supporting the Regulatory Financial Crime Compliance area. Regular collaboration with Compliance, Risk, and Product teams is part of the role, with a shared goal to develop and implement data-driven controls, detection mechanisms, and investigative tools. Projects often involve creating curated data models for global financial crime risk indicators, automating standardized reports, and enhancing the regulatory reporting engine with datasets for transaction monitoring, screening, and client KYC. What you will do Design and maintain data models and datasets for transaction monitoring, customer risk scoring, and financial crime investigations. Manage the full delivery cycle for FinCrime analytics solutions, from requirements gathering to data extraction, transformation, validation, and deployment. Develop and refine detection logic and monitoring rules, including transaction monitoring scenarios and anomaly detection. Perform data quality checks and controls to ensure completeness, accuracy, and auditability of FinCrime datasets. Build dashboards and analytical tools using platforms such as Looker and Looker Studio to monitor risk exposure and investigation pipelines. Support regulatory and internal audits by ensuring data and methodologies are traceable. Work environment The Madrid-based team values practical problem-solving, innovation, and collaboration. Team members contribute to a culture where respect and empowerment are priorities, and professional development is encouraged alongside Ebury’s global ambitions.

Join our dynamic team at inetum2 as a SAP GRC Consultant. In this role, you will leverage your expertise in governance, risk, and compliance to help our clients optimize their SAP systems and ensure compliance with regulatory requirements. You will be responsible for conducting assessments, implementing GRC solutions, and providing ongoing support to enhance our clients' operations.

Join our dynamic team at SGS, where we are seeking a skilled Auditor for ISO 27001 and ENS Security Systems Certification. In this pivotal role, you will be responsible for evaluating and certifying information security management systems against international standards. Your expertise will play a crucial role in enhancing the security posture of our clients.As an Auditor, you will conduct assessments, prepare reports, and provide actionable recommendations to improve compliance and security practices. You will collaborate with a wide range of clients across various sectors, ensuring they meet the highest standards of information security.

Join our dynamic team at Devoteam as an L2 Analyst for our Security Operations Center (SOC). In this role, you will be responsible for monitoring, detecting, and responding to security incidents, ensuring the integrity and safety of our clients' digital environments. You will work closely with a team of cybersecurity professionals to analyze potential threats and implement effective security measures.

Role Overview MSX International is looking for an IT Compliance Specialist in Madrid to help safeguard information assets and ensure ongoing adherence to industry standards and regulations. This role supports the organization’s commitment to protecting client trust and data integrity. What You Will Do Develop and implement compliance programs tailored to IT operations Oversee ongoing compliance initiatives and monitor their effectiveness Conduct audits to assess compliance with relevant standards and regulations Advise teams and stakeholders on compliance requirements and best practices

Nexthink is hiring a Data Analyst / Engineer in Madrid. This full-time role centers on turning complex data into clear, practical insights that support strategic choices across the organization. Role overview This position focuses on analyzing and interpreting data to support Nexthink’s digital experience goals. The work involves using analytical skills to advance data-driven projects and help guide important decisions. What you will do Transform raw data into insights that inform strategy Support ongoing data initiatives to strengthen decision-making Contribute to maintaining Nexthink’s focus on digital experience Location This role is based in Madrid.