Kiteris is a young, agile company dedicated to providing IT project management and business processes analysis services, based on the delivery of excellence, the quality of our team and the contribution of value through specialization and innovation. We are located in Spain and Portugal but serve different customers in Europe, USA, and LATAM.


For several years, we have been working with a well-known multinational client in the food and beverage sector of the IBEX 35 based in Barcelona. We are looking for a junior-mid IT Compliance Specialist to ensure that our operations comply with legal regulatory standards, procedures, and policies. This position is remote, but it is required to go to the client's office 3 or 4 times per year.


We are looking for an experienced professional in IT risk management and compliance to join a global IS/IT Risk and Compliance team. This individual will be responsible for coordinating compliance assessments of digital solutions (both cloud and non-cloud), ensuring proper control implementation, managing audit findings, and contributing to the maturity of the GRC framework at an international level.


The role requires autonomy, strategic thinking, analytical skills, and fluency in English, along with a collaborative mindset to work effectively with globally distributed teams.





Key Responsibilities




* Manage compliance assessments of IT solutions, ensuring alignment with internal policies and regulatory standards (ISO 27001, GDPR, PCI-DSS, among others).

* Coordinate communication among technical stakeholders, solution owners, auditors, and security teams.

* Analyze dashboards and reports (Power BI, GRC tools) to identify risks or compliance gaps and propose corrective actions.

* Follow up on findings from internal/external audits and security testing (e.g., penetration tests), ensuring proper remediation.

* Contribute to the definition, evaluation, and continuous improvement of the corporate control framework.

* Support local markets in implementing GRC best practices and preparing for audits






Desired Profile


Technical Requirements:




* At least 3 years of experience in compliance, GRC, IT audit, or information security roles.

* Practical knowledge of regulations and standards such as ISO 27001, NIST, GDPR, PCI-DSS, and control frameworks.

* Familiarity with cloud environments (AWS, Azure, GCP) and audit/compliance tools (ServiceNow, Archer, etc.).

* Ability to interpret and communicate technical and operational data via reports or dashboards.






Languages:




* Fluent English (C1): essential for daily communication and documentation.

* Knowledge of French or Spanish is a plus.






Soft Skills:




* Strategic vision and critical thinking.

* Ability to influence and collaborate with cross-functional teams.

* Proactive and results-driven attitude.

* Strong organizational skills, autonomy, and the ability to handle multiple initiatives simultaneously.






Additional Assets:




* Certifications such as CISA, CISM, ISO 27001 Lead Auditor/Implementer, or similar.

* Experience in large corporations or multinational environments.

* Previous involvement in the implementation of GRC tools or global security frameworks.






What do we offer:




* Indefinite-term contract.

* Remote work.

* Personalized continuous training.

* Career plan within the company.

* Private medical insurance partially paid by the company.

* Access to flexible compensation benefits such as meal vouchers, transportation, and childcare through a flexible remuneration plan.

* Young and dynamic work environment.

* Participation in projects with leading companies worldwide.

Reglamento General de Protección de Datos (GDPR)