Madrid (other locations in Spanish territory can be evaluated)
Working conditions
Remote
Position Summary/Objective DeNexus is solving actionable cyber-risk management with our DeRISK Software as a Service (SaaS) offering to enhance the decision making of industrial operation risk owners.
We are seeking a Compliance Specialist to ensure our products, services and internal practices adhere to regulatory requirements and industry standards, with a primary focus on SOC2 and ISO27001 compliance.
DeNexus DeRISK is fundamentally a tool for risk-minded business users, however there are security technical fundamentals that necessitate the involvement of a compliance specialist to capture and define requirements from uprising regulations and compliance frameworks including NIS2, NIST CSF, NIST CAF, and IEC 62443.
The compliance specialist is expected to drive DeNexus' compliance posture to ensure the company adheres to applicable laws, regulations, standards, and internal policies. They must have a deep understanding of relevant regulations and industry standards applicable to the organization, and the ability to interpret these regulations, and ensure that the organization understands its legal obligations.
Responsibilities/Duties: Internal Compliance ProgramsManage and maintain internal compliance programs, policies, and procedures, with a specific emphasis on SOC2 and ISO27001.Conduct regular audits and assessments to evaluate compliance with established standards and regulations.Collaborate with internal teams to identify compliance gaps and develop and lead remediation plans.Assist in the preparation of documentation for audits, certifications, and assessments.Participate in cross-functional projects to integrate compliance requirements into business processes and systems.Assist in the Customer Security and Compliance Screening process.Regulatory RequirementsMonitor changes in regulatory requirements and industry standards, ensuring timely updates to compliance processes.Serve as a subject matter expert on compliance matters, providing guidance and training to relevant stakeholders.Support the implementation of new compliance initiatives and frameworks, including NIS2, NIST CSF, CAF, and IEC 62443, where applicable.Stay abreast of emerging trends and best practices in compliance and information security.Product ComplianceGather compliance and regulatory requirements from the Customer Success Team and assist with product leadership team to ensure these are being translated into the product roadmap for DeNexus.Qualifications/Requirements: Bachelor's degree in a relevant field (e.g., Information Security, Compliance, Business Administration) or equivalent experience.Minimum of 3-5 years of experience in a compliance-related role, preferably in the technology or cybersecurity industry.In-depth understanding of SOC2 and ISO27001 standards, including hands-on experience with implementation and maintenance.Familiarity with other compliance frameworks such as NIS2, NIST CSF, CAF, and IEC 62443 is highly desirable.Strong analytical skills with the ability to interpret complex regulatory requirements and translate them into actionable tasks.Excellent communication and interpersonal skills, with the ability to effectively engage with stakeholders at all levels of the organization.Relevant certifications (e.g., CISA, CISSP, CISM) are a plus.Demonstrated ability to work independently and manage multiple priorities in a fast-paced environment.Attention to detail and a commitment to upholding the highest standards of compliance and information security.High level spoken/written Spanish and EnglishSkills: Strong Regulatory Knowledge.Meticulous attention to detail is essential to ensure accuracy and thoroughness.Proficiency in project management methodologies to effectively plan, execute, and monitor compliance initiatives, ensuring they are completed on time and within budget.Strong problem-solving skills to identify compliance gaps, root causes of non-compliance, and develop effective remediation plans.Ability to build and maintain relationships with stakeholders across the organization, including senior leadership, IT teams, legal departments, and external auditors.High ethical standards and integrity in managing compliance processes and handling sensitive information.Flexibility to adapt to changing regulatory environments, organizational priorities, and emerging compliance challenges.Ability to work collaboratively across different departments and functions to integrate compliance requirements into business processes and systems effectively.Strong communication and presentation skills, both written and verbal.We offer a dynamic, flat hierarchical, start-up environment where your contribution counts.working flexibly-hybrid, connecting our multicultural global teams in the US, UK, EU Spain, Italy/Switzerland virtual and personally.We are open-minded and provide equal opportunities, committed to diversity, equity and inclusion and are in compliance with relevant employment laws and regulations.Salary/Benefits: We offer over local market average salaries and attractive compensation packages.We care about our team including health insurance, retirement plans and paid time off.A dedicated people team cares about holistic wellbeing. Application Process: please apply via our webpage 1 or 2 interviews with our technical and HR teamEqual Opportunity Statement:
DeNexus welcomes diversity. It makes us an equal opportunity employer and a fun place to work full of people with different backgrounds, perspectives, and skills. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
#J-18808-Ljbffr
