Job&Talent

HQ - GRC Lead

Job&Talent  •  Kingdom of Spain (Onsite)  •  8 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

We are looking for a GRC Lead to own and scale our Governance, Risk, and Compliance function within a fast-growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way.

You will act as the main driver of our compliance strategy, working cross-functionally with Engineering, Security, Legal, Finance, and Product teams.

What you will do

  • Own and lead the company’s GRC strategy across SOX, ISO 27001, and GDPR
  • Design, implement, and maintain SOX control frameworks, including documentation, testing, and audit readiness
  • Build and manage the Information Security Management System (ISMS) aligned with ISO 27001
  • Ensure GDPR compliance across all data processing activities, including data mapping, DPIAs, and privacy controls
  • Lead internal and external audits, acting as the primary point of contact for auditors
  • Identify compliance gaps and drive remediation plans with technical and non-technical teams
  • Develop governance policies, procedures, and risk management frameworks
  • Partner closely with Engineering and Security teams to embed controls into systems and SDLC processes
  • Monitor regulatory and compliance changes and translate them into actionable requirements

    • Requirements

  • 8+ years of experience in GRC, Risk, Compliance, or IT Audit roles
  • Strong hands-on experience with SOX compliance programs (design, testing, audit coordination)
  • Solid knowledge of ISO 27001 and experience managing or supporting ISMS implementation
  • Practical experience with GDPR in a product or corporate environment
  • Experience working with internal and external auditors
  • Strong stakeholder management and communication skills across technical and non-technical teams
  • Ability to translate regulatory requirements into scalable business processes
  • Fluent English

    • Nice to have

  • Experience in SaaS or product-led companies
  • Experience in Big 4 (Deloitte, EY, PwC, KPMG) or similar audit environments
  • Familiarity with cloud environments (AWS, GCP, Azure)
  • Security certifications (CISA, CISM, ISO 27001 Lead Implementer/Auditor)

    • #LI-ML3
    Job&Talent

    About Job&Talent

    Job&Talent is a world-leading, AI-powered workforce platform for essential industries. We help companies boost productivity and efficiency at scale, while providing workers with the opportunities and tools they need to thrive.

    Our mission is simple: to empower the people who make the world go round.

    Built on deep industry expertise, cutting-edge technology, and smart AI agents, our end-to-end platform covers the entire workforce lifecycle — from recruitment and planning to time and attendance, performance, cost management, and communication. It delivers measurable improvements in the areas that matter most: fulfilment, attendance, retention, and workforce quality.

    In 2024, Job&Talent placed over 300,000 workers across more than 3,250 companies in sectors such as logistics, manufacturing, and retail. Headquartered in Madrid, the company operates in 10 countries across Europe, the U.S., and Latin America.

    Industry
    IT & Software
    Company Size
    1,001-5,000 employees
    Headquarters
    Madrid, ES
    Year Founded
    2009
    Website
    jobandtalent.com
    Social Media