IT Risk Manager Analyst – Compliance & Controls

Join N-iX as an IT Risk Manager Analyst – Compliance & Controls and operationalize the Information Security Risk Management (IRM) framework across the group. Implement ISO 27001 controls, ensuring IT assets are correctly scoped, classified, and protected. Act as a guardian of compliance, bridging the gap between corporate rules and technical security controls.

Requirements

• Experience performing IT Risk Assessments in complex environments.
• 3–5 years of experience in Information Security, IT Audit, or IT Compliance.
• Hands-on experience with ISO 27001 (implementation, management, or auditing).
• Familiarity with international security standards, regulatory requirements (e.g., NIS2, GDPR) and industry best practices for IT Risk Management.
• Strong understanding of Risk Management methodologies (e.g., ISO 31000, ISO 27005).
• Knowledge of the ISO 27001:2022 control set (Annex A).
• Ability to interpret 'Corporate Rules' and translate them into actionable risk management tasks.
• Experience with GRC (Governance, Risk, and Compliance) software tools is a plus (Archer, others).
• Advanced Spanish and English language level.
• Strong analytical and structuring skills
• Ability to work with senior stakeholders
• High level of autonomy and ownership
• Pragmatic and solution-oriented mindset
• Degree in IT, Information Security, or related field
• ISO 27001 Lead Implementer or Lead Auditor training is a plus

Benefits

• Flexible working format - remote, office-based or flexible
• A competitive salary and good compensation package
• Personalized career growth
• Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
• Active tech communities with regular knowledge sharing
• Education reimbursement
• Memorable anniversary presents
• Corporate events and team buildings

Originally posted on Himalayas