Descripción del Puesto
We are looking for a
hands‑on, operational Cybersecurity Architect & GRC (
Governance, Risk, and Compliance)
Lead
to play a key role in strengthening security across our global digital ecosystem.
This role combines
technical cybersecurity expertise
with a strong foundation in
Governance, Risk & Compliance (GRC)
, ensuring that security becomes a natural enabler for innovation, delivery, and growth.
You will work closely with technical and business teams across several countries, helping them embed secure‑by‑design principles, navigate complex regulatory environments, and improve security practices in a pragmatic and solution‑driven way.
What You Will Do
Strategic & Operational Leadership
Represent the CISO Office within your assigned IT domain, ensuring alignment with global security objectives.
Act as the bridge between
security architecture
,
risk management
, and
operational delivery
, ensuring both perspectives coexist effectively.
Active Partnership & Coaching
Provide practical guidance—not just theoretical recommendations—to help teams deliver secure solutions.
Support and challenge teams constructively, especially during high‑pressure or complex situations.
Coach teams to improve their security mindset and adopt best practices.
Technical Security & Architecture
Drive the integration of security into solution design, project delivery, and daily operations.
Apply an
architectural mindset
to evaluate risks, understand the big picture, and structure actionable solutions.
Ensure secure architectures in environments influenced by strict regulations, including:
Defense & Space, US, EU, and military standards (not mandatory)
Governance, Risk & Compliance (GRC)
Ensure adherence to security frameworks and regulatory requirements (SOX, ISO 27001, NIST, etc.).
Lead risk management activities, vulnerability assessments, and compliance initiatives.
Maintain alignment between compliance needs and delivery objectives.
Delivery Enablement
Identify blockers and remove obstacles so teams can move forward securely and efficiently.
Ensure cybersecurity functions as a business enabler—not a bottleneck.
Drive initiatives from proposal to implementation and full closure.
Stakeholder Engagement & Management
Build trust with stakeholders at all levels and influence decisions through clarity, calmness, and credibility.
Contribute to management‑level discussions and guide teams through sensitive or complex security topics.
Continuous Improvement
Evaluate current security practices and identify areas of enhancement.
Promote continuous learning, shared responsibility, and a high‑trust security culture.
Lead the adoption of improved processes and technologies to strengthen security posture.
What You Bring
Experience & Knowledge
5+ years
in Information Security, IT Operations, or similar roles.
Balanced background in:
GRC:
governance, risk management, compliance
Technical cybersecurity:
architecture, security operations, risk analysis
Strong experience in risk management and secure solution design.
Exposure to regulated environments (defense, aerospace, government, or similar).
Certifications such as CISSP, CISM or CISA are valued but
not mandatory
.
Core Skills
Ability to influence, persuade, and navigate resistance.
Calm, precise, and resilient when facing pressure or complaints.
Strong delivery mindset: propose → implement → follow through until closure.
Excellent communication and stakeholder‑management capabilities.
Structured, analytical thinking with the ability to connect the dots at architectural level.
Languages
Fluent English.
French is a plus.
What You Will Get
Competitive salary and benefits package.
Extended maternity/paternity and co‑parenting leave (based on local regulations).
Access to a global training platform.
Free physical and psychological well‑being sessions.
100% remote work from Spain
, or hybrid model in Portugal (up to 4 days onsite per week).
Direct reporting to the CISO.
Collaboration with an international team across the U.S., France, Italy, and Spain.
