Senior Information Security GRC Analyst

OneTrust
🇪🇸 Madrid, Community of Madrid
Posted 1 month ago
Expires July 7, 2026
Full TimeOn-siteComplianceLegalOperations
Apply Now

The Senior Information Security GRC Analyst at OneTrust plays a pivotal role within the Information Security Governance, Risk, and Compliance (GRC) team. This position is integral to managing and executing various audits, including ENS, PCI DSS, SOC2, ISO27001, ISO27701, ISO27017, HITRUST, and TISAX, thereby ensuring the organization's adherence to industry standards and regulations. OneTrust is a leading technology platform that enables organizations to use data and AI responsibly, serving thousands of customers worldwide.

Key responsibilities include leading and managing multiple audits, developing and maintaining GRC policies and procedures, conducting formal gap analyses, and evaluating compliance against emerging regulatory frameworks. The role also involves collaborating with internal teams to implement and monitor security controls, providing guidance to ensure regulatory compliance, and preparing audit findings for senior management. Additionally, the analyst will assist in maturing OneTrust's compliance program and undertake other GRC initiatives as needed.

Candidates should possess a bachelor's degree in Information Security, Computer Science, or a related field, along with a minimum of five years of experience in information security, focusing on leading GRC initiatives. In-depth knowledge and experience with frameworks such as ENS, EU NIS2, EU CRA, NIST CSF, PCI, SOC2, ISO27001, ISO27701, ISO27017, HITRUST, and TISAX are essential. Strong analytical and problem-solving skills, excellent communication abilities across various stakeholders, and experience with GRC tools like OneTrust or Certification Automation (Tugboat) are also required. Relevant certifications such as CISSP, CISM, CISA, or CRISC are preferred.

OneTrust offers comprehensive healthcare coverage, flexible PTO, equity RSUs, annual performance bonus opportunities, retirement account support, over 14 weeks of paid parental leave, career development opportunities, and company-paid privacy certification exam fees. Specific benefits may vary by country.

The company embraces an office-first culture, encouraging three days a week in the office for most roles, fostering meaningful opportunities for collaboration and celebration in person. OneTrust is committed to creating a diverse and inclusive environment where employees can thrive and advance their careers.

Promote this job listing

Featured placement from $99. Get up to 5x more views.

See promotion options →

More Jobs at OneTrust

Principal Dev Ops Engineer

OneTrust
🇮🇳 Bengaluru, Karnataka
Full TimeOn-siteEngineering
Just posted

Product Manager

OneTrust
🇮🇳 Bengaluru, Karnataka
Full TimeOn-siteProduct
Just posted

Principal Customer Success Manager

OneTrust
🇺🇸 New York, New York
$1K - $2K Annual
Full TimeHybridSalesOperations+1
1 day ago

Implementation Consultant (Privacy & Data Governance)

OneTrust
🇺🇸 Atlanta, Georgia
Full TimeOn-siteConsultingCompliance+1
1 day ago