Information Risk Specialist – 2nd Line of Defense
N
Nationale Nederlanden Vida Compañía De Seguros Y Reaseguros S.A.E.
📍 alcobendas, madrid, Spain
Job Description
Overview
Do you want to play a key role in strengthening the digital resilience of a leading Top Employer in Spain? This position sits at the intersection of technology, security, regulation and business, bringing clarity to complex risk topics and enabling secure, responsible decision‑making in areas such as cloud, AI, data protection and emerging technologies. It offers real influence, working closely with technology, security and business teams, with visibility at the senior‑management level. Responsibilities
Shaping how IT security frameworks and standards (ISO 27001/27002, COBIT, ISF) are applied and challenged across the organisation. Translating regulations such as GDPR, DORA, EIOPA and the AI Act into practical, actionable guidance. Evaluating whether IT controls, processes and architectures effectively manage real risks. Interpreting insights from penetration tests, vulnerability scans and threat‑modelling. Providing independent risk input to major technology...
Do you want to play a key role in strengthening the digital resilience of a leading Top Employer in Spain? This position sits at the intersection of technology, security, regulation and business, bringing clarity to complex risk topics and enabling secure, responsible decision‑making in areas such as cloud, AI, data protection and emerging technologies. It offers real influence, working closely with technology, security and business teams, with visibility at the senior‑management level. Responsibilities
Shaping how IT security frameworks and standards (ISO 27001/27002, COBIT, ISF) are applied and challenged across the organisation. Translating regulations such as GDPR, DORA, EIOPA and the AI Act into practical, actionable guidance. Evaluating whether IT controls, processes and architectures effectively manage real risks. Interpreting insights from penetration tests, vulnerability scans and threat‑modelling. Providing independent risk input to major technology...