Information Security and Privacy Compliance Consultant

Company Description

Inetum is a European leader in digital services. Inetum’s team of 28,000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good. Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility. Driven by its ambition for growth and scale, Inetum generated sales of 2.5 billion euros in 2023.

Job Description

We are looking for an Information Security and Privacy Compliance Consultant to join our team. In this role, you will ensure compliance with legal, regulatory, and other requirements related to information security and data protection, promoting the implementation of policies, procedures, and controls aligned with the needs of the Group and the Global Area.

Information Security

• Adapt, implement, and maintain information security policies, standards, procedures, and guidelines according to group and area standards.
• Conduct security audits, implement controls, and evaluate their effectiveness.
• Supervise and monitor action plans associated with the implementation of security measures.
• Collaborate in the management of security incidents, ensuring an effective and coordinated response.
• Identify opportunities for improvement in security processes and propose solutions.
• Define, measure, and analyze statistics related to information security and keep indicators updated.

Privacy

• Ensure compliance with GDPR and other legislation and standards related to personal data protection.
• Collaborate in identifying and mitigating risks related to the processing of personal data.
• Provide support and guidance to various group areas in implementing privacy measures.
• Participate in the management of incidents related to privacy and data breaches.
• Keep privacy documentation updated, such as records of processing activities, impact assessments (PIA/DPIA), and internal policies.
• Promote privacy training and awareness among employees.

Cross-Functional Functions

• Ensure the proper integration of security and privacy measures in area processes and projects.
• Collaborate with technical and legal areas to ensure alignment between system security and regulatory compliance.
• Develop compliance strategies that balance the group's operational needs with regulatory and security requirements.
• Participate in the collection of information for internal or external audits and provide support for this exercise.

Qualifications

• Degree in Computer Engineering, Telecommunications, or related STEM fields (Science, Technology, Engineering, Mathematics).
• Minimum of 5 years of experience in similar positions in regulatory compliance, information security, and privacy.
• Intermediate level of Spanish and/or English.
• Planning and organization, analytical thinking, teamwork, and results orientation.
• Deep knowledge of information security and data protection standards, such as ISO 27001, ISO 27002, ISO 27701, GDPR, NIS2, DORA, HdS, and other local regulations, such as the Personal Data Protection Law (Law No. 58/2019).Information Security certifications such as CISA, Lead Auditor ISO 27001, CGEIT, CRISC, CISSP, CISM, among others, will be valued.