Information Technology Risk Manager

From Hays,

we're colaborating with a

global leader in digital automation and AI‑powered operational transformation

, operating across multiple countries and serving large enterprise customers. They specialise in

end‑to‑end digital process optimization

, including complex, technology‑driven environments in which

information governance, compliance, and risk management

are mission‑critical.

We're looking for an

IT Risk Manager / IRM Analyst

to help strengthen and operationalise the company’s

Information Security Risk Management framework

. You will be part of a growing governance team responsible for ensuring

security controls, risk mitigation activities, ISO 27001 compliance, and audit readiness

across several business units, acting as a bridge between high‑level governance requirements and practical implementation across IT functions.

Required Skills & Experience 3–5 years

of experience in

Information Security, IT Audit, or IT Risk Management

. Strong practical knowledge of

ISO 27001

(implementation, management, or auditing). Familiarity with

ISO 31000 / ISO 27005

risk methodologies. Experience with

GRC tools

(Archer or similars). Advanced level of

English (fluency). Experience engaging with senior IT stakeholders and cross‑functional teams. Strong analytical mindset, autonomy, and clear communication skills. ISO 27001 Lead Implementer/Auditor certification is highly valued.

Key Responsibilities Conduct systematic

IT Risk Assessments

in complex, multi‑entity environments. Align all risk management activities with the organisation’s

IRM framework

. Support and monitor the implementation and effectiveness of

ISO 27001:2022 Annex A controls

. Develop and follow up on

risk treatment plans

with IT and Security teams. Ensure accurate

scoping and classification of IT assets

following CIA principles. Act as a key contact for

internal and external audits

, ensuring evidence collection and compliance reporting. Collaborate with application owners, governance teams, architecture, and security stakeholders.

What we offer Full-time

opportunity with

Perm/Freelancer contract. Flexibility to work

100% remotely or hybrid

in one of the offices in Madrid, Barcelona, Córdoba or Coruña. Chance to work in a

high‑impact global technology environment

, driving governance and security maturity. Exposure to advanced

automation, AI‑driven processes, and highly scalable digital platforms

.

If you are interested and want to contribute to a modern, innovation‑driven global organisation,

please apply to this offer with your CV

, so we can contact you for more information.