IT Security Associate
Barcelona, CT, Spain
EcoVadis
Detailed insights to confidently manage value chain risk & compliance, build performance for net-zero & sustainability targets, drive value & impact: The universal sustainability ratings & intelligence suite.
Company Description
Work smart, have fun and make an impact
Our purpose is to guide all companies toward a sustainable world. EcoVadis is the leading provider of business sustainability ratings. Our solutions are backed by an international team of experts and powerful technology. We analyze data and build sustainability scorecards that give companies actionable insights into their environmental, social and ethical risks.
Why apply to EcoVadis? Be a part of the global sustainability change in business. Grow your career. Work with extraordinary people. Feel valued for your contribution.
Learn more about our team and culture on the EcoVadis careers page.
Job Description
We are looking for a specialist to join our IT Security team and support the organization's efforts in enhancing its security posture. You will be responsible for engaging with clients and stakeholders to understand their security requirements and effectively present our implemented security measures. This position offers the opportunity to contribute to diverse areas within IT Security, safeguarding our systems, data, and assets from evolving threats.
This role, reporting directly to the IT Security Manager, will include the following responsibilities:
Respond to security questionnaires from clients and other stakeholders,
Review and analyze security clauses in contracts with clients and suppliers,
Participate in client meetings to address cybersecurity concerns and requirements,
Conduct security reviews of internally used SaaS applications,
Maintain and enhance external security posture using dedicated solutions,
Support the audit response process by collecting and organizing evidence, coordinating interviews between auditors and subject matter experts, and addressing auditors' questions,
Perform IT control assessments across the organization,
Assist in the implementation and maintenance of the IT Security Control Framework,
Create and maintain security dashboards and reports for management and stakeholders,
Support the security exception management process,
Monitor compliance with security policies, standards and regulations,
Document security processes and procedures,
Support development and delivery of IT security awareness programs,
Drive continuous improvement and automation initiatives,
Assist with other organizational security projects and tasks as assigned.
Qualifications
Technical Skills & Experience:
Minimum 1 year of experience in a similar, customer-facing role, preferably within a cloud-based company,
Experience engaging with clients on security matters, addressing concerns, explaining security controls and building trust,
Familiarity with GRC tools and security monitoring solutions,
Solid understanding of security controls and their implementation,
Experience supporting audits and facilitating interactions with auditors,
Ability to create security reports and dashboards for both technical and executive audiences,
Demonstrated research skills to develop security guidelines and propose improvements,
Understanding of the security exception management process and risk-based decision making,
Experience with SOC 2 is a plus,
Hands-on experience with Google Workspace and Microsoft Azure is a plus.
Education & Knowledge:
Degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent experience),
Knowledge of security frameworks (e.g., NIST 800-53, ISO 27001),
Familiarity with audit evidence requirements and documentation standards,
Knowledge of security assessment methodologies and risk analysis,
Familiarity with cybersecurity regulations (DORA, CRA, NIS 2) is a plus.
Soft Skills:
Highly autonomous and proactive mindset,
Self-motivated with ability to work independently when needed,
Ability to translate technical security concepts to non-technical audiences,
Comfortable taking initiative and leading projects with minimal direction,
Ability to pivot between tasks and adapt to changing priorities,
Professional demeanor when interacting with clients and stakeholders,
Excellent organizational skills and ability to manage multiple projects,
Collaborative mindset with ability to work across different teams,
Open to working in an international, multilingual environment,
Fluent in English (oral and written). Knowledge of French is an asset.
Additional Information
Location: Hybrid in Barcelona (4 times a month in the office)
In return for your expertise, we offer:
- Support with all the necessary office and IT equipment
- Flexible working hours
- Wellness allowance for mental and physical wellbeing
- Access to professional mental health support
- Referral bonus policy
- Learning and development
- Sustainability events and community involvement
- Peer recognition program
- Employee-led resource groups
- Remote work from abroad policy
- Meals and Transportation Vouchers (Cobee card)
- Dental Benefits
- Life & Accident Insurance + Private Health Insurance
- Paid employee volunteer day
- Paid moving day (1/year)
- Time off: 1 Community Service Day + 1 Personal Day
- Summer Hours in July and August (36 hours per week)
- Hybrid Monthly Allowance for electricity and Internet
Our hiring team looks forward to reviewing your CV, in English, with a guaranteed response to every application. A new job with purpose awaits you!
Don’t fit all the criteria but still think you’d be a good candidate? Please apply anyway to give our hiring team the opportunity to assess your skills and to learn more about what you could bring to EcoVadis. We’re interested in hiring from a diverse and skilled talent pool, regardless of professional and educational background.
Can the hiring process be adjusted to suit my needs? Yes. We want everyone going through the hiring process with EcoVadis to feel confident that you are able to demonstrate your full potential. We welcome applications from disabled people, people with long-term health conditions, and neurodiverse candidates. If you need any adjustments, including the provision of interview questions, please let the hiring team know.
Our team’s strength comes from everyone’s uniqueness and is founded upon mutual respect. EcoVadis commits to equity, inclusion and reducing bias in our hiring processes. EcoVadis does not accept any form of discrimination based on color, national or ethnic origin, ancestry, citizenship, religion, beliefs, age, sex, gender identity, sexual orientation, neurodiversity, disability, parental status, or any other protected characteristic that makes you unique. In your application, we encourage you to remove personal information such as: photographs, marital status, number of children, religion, gender, residential postal code, university graduation date, past medical or parental leave(s) taken, nationality (instead, please state if you are legally eligible to work in the job region/country), university name (instead, please state any degrees obtained and the study major).
Tags: Audits Automation Azure Cloud Compliance Computer Science ISO 27001 Monitoring NIST NIST 800-53 Risk analysis SaaS Security assessment SOC SOC 2
Perks/benefits: Career development Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Team events Wellness