Security Compliance Analyst

Job description

If you’re here, it’s because you’re looking for an exciting ride.

A ride that will fuel up your ambitions to take on a new challenge and stretch yourself beyond your comfort zone.

We’ll deliver a non-vanilla culture built on talent, where we work to amplify the impact on millions of people, paving the way forward together.

Not your usual app. We are the fastest-growing multi-category app connecting millions of users with businesses, and couriers, offering on-demand services from more than 170,000 local restaurants, grocers and supermarkets, and high street retail stores. We operate in more than 1500 cities across 23 countries.

Together we revolutionise the way people connect with their everyday needs, from delivering essentials to connecting our ecosystem of users through innovative solutions powered by technology. For us, every day is filled with purpose.

What makes our ride unique?

🤝 Our culture and strong values.

💪 Our career development philosophy.

🤝 Our commitment to being a force for good.

We have a vision: Building the largest marketplace in your city, to give access to anything in minutes. And this is where your ride starts.

YOUR MISSION

Glovo is currently seeking a Security Engineer for the Security GRC team with focus on Compliance to strengthen our organization’s security posture and ensure adherence to a rapidly evolving regulatory landscape. In this role, you will be pivotal in managing traditional security frameworks like PCI and ISO. The ideal candidate has a strong background in cybersecurity, a keen interest in AI security governance, and the ability to translate complex legal requirements into practical, actionable security controls.

THE JOURNEY

  • Develop, implement, and maintain security policies and procedures in line with relevant compliance frameworks (e.g., ISO 27001, NIST, SOC 2, GDPR, NIS2).
  • Build and maintain the control matrix in alignment with multiple compliance frameworks and standards, ensuring a clear mapping of controls to requirements.
  • Implement processes and tools for continuous monitoring of security controls and compliance metrics to ensure ongoing adherence to policies.
  • Lead the end-to-end security certification and re-certification process (such as PCI DSS, ISO 27001, NIS2, among others).
  • Conduct internal assessments to identify gaps, weaknesses, or non-compliance issues within our security controls. Support external audits by preparing documentation and coordinating with auditors.
  • Create and maintain comprehensive documentation for all compliance-related activities, including audit findings, risk assessments, and remediation efforts. Prepare regular reports for management on the status of our security posture.
  • Coordinate and respond to customer security inquiries and due diligence questionnaires (e.g., SIG, CAIQ). Review and provide input on contract modifications related to security, data protection, and privacy.
  • Serve as a key liaison between technical teams, legal, internal audit, and business units to ensure a unified approach to security and compliance.
  • Assist in developing and delivering security awareness programs to educate employees on best practices and compliance requirements.
  • Assist in assessing security risks, recommending and implementing mitigation strategies, maintaining a risk register, and monitoring the status of remediation plans.

WHAT YOU WILL BRING TO THE RIDE

  • BA/BS in Computer Science, Information Systems, or similar field.
  • Professional security certifications (CISSP, CISM, CISA, ISO 27001 Lead Implementer or equivalent).
  • Minimum 5 years of experience in the field or in a related area.
  • Solid understanding and previous experience of security control frameworks (NIST, PCI DSS, GDPR, ISO 27001, NIS2).
  • Hands-on experience with GRC platforms (e.g. RSA Archer, SAP GRC, StandardFusion, ServiceNow, OneTrust, etc).
  • Strong ability to manage and report on multiple projects, prioritizing efforts, managing time effectively, and requiring minimal direction in the execution.
  • Proven problem solving, analytical and investigative skills combined with the ability to develop creative solutions and navigate through ambiguity in a fast-paced, agile environment.
  • Proven team player, collaborating well with others to tackle problems in a team-focused dynamic.
  • Excellent written and communication skills, as well as strong interpersonal and relationship building skills.
  • Experience with compliance in cloud environments (AWS, Azure, GCP) and knowledge of frameworks like the Cloud Controls Matrix (CCM).

Nice to have:

  • Development skills to automate integrations or processes (e.g. Python).
  • Experience with developing, documenting, and testing Business Continuity Plans (BCP) and Disaster Recovery (DR) plans.
  • Working knowledge of the EU AI Act, including its risk-based approach and requirements for high-risk and general-purpose AI models. Familiarity with AI security threats and relevant frameworks (NIST AI RMF, MITRE ATLAS).

Individuals representing diverse profiles and abilities, encompassing various genders, ethnicities, and backgrounds, are less likely to apply for this role if they do not possess solid experience in 100% of these areas. Even if it seems you don’t meet our musts, don’t let it stop you; we are all about finding the best talent out there! Skills can be learned, and embracing diversity is invaluable.

We believe driven talent deserves:

  • 🌟 An enticing equity plan that lets you own a piece of the action.
  • 💪 Top-notch private health insurance to keep you at your peak.
  • 🍔 Monthly Glovo credit to satisfy your cravings!
  • 💳 Discounts on transportation, food, and even kindergarten expenses.
  • 🏊 Discounted gym memberships to keep you energized.
  • 🏖️ Extra time off, the freedom to work from home two days a week, and the opportunity to work from anywhere for up to three weeks a year!
  • 👪 Enhanced parental leave, and office-based nursery.
  • 🧠 Online therapy and wellbeing benefits to ensure your mental well-being.

Here at Glovo, we thrive on diversity, we believe it enhances our teams, products, and culture. We know that the best ideas come from a mashup of brilliant diverse minds. This is why we are committed to providing equal opportunities to talent from all backgrounds - all genders, racial/diverse backgrounds, abilities, ages, sexual orientations and all other unique characteristics that make you YOU. We will encourage you to bring your authentic self to work, fostering an inclusive environment where everyone feels heard.

Feel free to note your pronouns in your application (e.g., she/her/hers, he/him/his, they/them/theirs, etc).

So, ready to take the wheel and make this the ride of your life?

Delve into our culture by taking a peek at our Instagram and check out our LinkedIn and website!
