N-iX is a global software development company founded in 2002, connecting over 2,400+ tech professionals across 40+ countries. We deliver innovative technology solutions in cloud computing, data analytics, AI, embedded software,IoT, and more to global industry leaders and Fortune 500 companies. Join us to create technology that drives real change for businesses and people across the world.
Our customer is a worldwide leader in vehicle repair and insurance claims management, employing over 3,000+ professionals across 40 countries. The company provides comprehensive, cutting-edge solutions that simplify repair and claims processes, delivering efficient and equitable outcomes for all stakeholders. The IS Compliance & IS Risk Management Consultant will be responsible for governing and continuously improving the Information Security compliance framework and IS risk management practices.
Responsibilities:
Information Security Compliance Framework
- Own and maintain the Group-wide ISMS framework aligned to ISO 27001
- Define and maintain security policies, standards, and control requirements
- Ensure applicability and rollout across all legal entities and portfolio companies
- Prepare and coordinate internal and external audits
Regulatory & Standard Compliance (e.g., NIS2, ISO 27001)
- Monitor regulatory requirements and translate them into actionable controls
- Lead NIS2 compliance readiness and evidence structure
- Act as central contact for auditors and regulatory inquiries
- Ensure documentation and evidence structures are audit-ready
IS Risk Management
- Establish and operate the Group-wide IS risk management process
- Maintain the central IS risk register
- Facilitate risk assessments with business, IT, and portfolio companies
- Ensure management visibility of key IS risks and mitigation status
- Integrate IS risks into enterprise risk management
Governance & Oversight of Portfolio Companies
- Define minimum IS control baseline for all entities
- Conduct IS compliance and risk reviews for portfolio companies
- Support M&A security assessments and post-merger governance integration
Reporting & Management Transparency
- Define and maintain IS compliance and risk KPIs
- Provide regular reporting to executive managemen
- Enable risk-based decision making through structured reporting
Awareness & Enablement
- Support management and key roles in understanding their security
responsibilities
- Provide guidance on control implementation without owning operations
Requirements:
- 7+ years of experience in Information Security, with focus on governance, risk,
and complianceAdvanced Spanish and English language level
- Proven experience with ISO 27001 (implementation and/or audit)
- Strong understanding of NIS2 or comparable regulatory frameworks
- Experience in multi-entity / international organizations
- Experience in M&A security assessments is a plus
- ISMS design and operation
- Risk management methodologies
- Control frameworks and audit evidence structures
- Translating regulatory requirements into practical controls
- Governance model design
- Strong analytical and structuring skills
- Ability to work with senior management and auditors
Certifications (preferred)
• ISO 27001 Lead Implementer or Lead Auditor
• CISM, CISSP, or comparable certification
We offer*:
- Flexible working format - remote, office-based or flexible
- A competitive salary and good compensation package
- Personalized career growth
- Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
- Active tech communities with regular knowledge sharing
- Education reimbursement
- Memorable anniversary presents
- Corporate events and team buildings
- Other location-specific benefits
*not applicable for freelancers
European Union
