Information Security, Risk & Compliance Manager

Описание вакансии

Hey there!

We’re Fever, the world’s leading tech platform for culture and live entertainment,

Our mission? To democratize access to culture and entertainment. With our proprietary cutting-edge technology and data-driven approach, we’re revolutionizing the way people engage with live entertainment.

Every month, our platform inspires over 300 million people in +40 countries (and counting) to discover unforgettable experiences while also empowering event creators with our data and technology, helping them scale, innovate, and enhance their events to reach new audiences.

Our results? We’ve teamed up with major industry leaders like Netflix, F.C. Barcelona, and Primavera Sound, presented international award-winning experiences, and are backed by several leading global investors! Impressive, right?

To achieve our mission, we are looking for bar-raisers with a hands-on mindset who are eager to help shape the future of entertainment!

Ready to be part of the experience?

Now, let’s discuss this role and what you will do to help achieve Fever’s mission.

About the role:

The Information Security, Risk & Compliance Specialist will play a key role in developing and executing the information security and cybersecurity compliance roadmap, focusing on maintaining key certifications such as ISO 27001, ENS, among others and driving the company’s commitment to achieving the highest security standards.

The successful candidate will work closely with internal teams to review and maintain information security policies, conduct risk assessments, ensure alignment with governance frameworks and to manage and respond to security questionnaires. Furthermore, it will assist in preparing for external audits and actively work to strengthen the organization's security posture by identifying areas for compliance improvement. The position requires a solid understanding of security frameworks, governance processes, and risk management to ensure the organization's certifications and policies remain up to date.

Join us if you thrive in a fast-paced environment and are excited about pushing the boundaries of what's possible. This is an opportunity to have a real impact in a high-growth global category leader.

What would you do at Fever?

On your first month in Fever:

• You will be fully integrated into the team. You will participate in planning and follow-up meetings with other areas.
• You will have met the departments of Fever.
• You will get familiar with Fever's technological structure and ecosystem (applications, infrastructure, architecture, etc.)
• You will get familiar with Fever’s Information Security and Cyber Security Programme, GRC tools and documentation.

After 3 months in Fever:

• You will participate in the review and development of the documentation framework and standards.
• You will start collaborating with various internal teams in the preparation and response to security questionnaires and/or requirements.
• You will perform due diligence reviews on third-party vendors and service providers to evaluate their cybersecurity posture.
• You will start participating in the risk management process for information security and cybersecurity risks.

On your 6th month in Fever:

• You will develop a solid understanding of the information security and cybersecurity program, including its standards, governance structure and risk management methodology.
• You will manage processes related to security questionnaires and requirements coordinating with both internal and external stakeholders.
• You will manage the cybersecurity review process for third-party vendors.
• You will have full visibility into the compliance roadmap and actively participate in achieving its objectives.

Qualifications:

Must have:

• Bachelor or Master’s Degree in Computer Science, Information Security, Risk Management or another similar relevant degree (or equivalent experience in an GRC Security role).
• 4+ years of relevant experience on Information Security, Governance, Risk and Compliance projects, managing or owning the execution of the projects.
• Strong understanding of security frameworks and standards, such as ISO 27001, NIST, SOC2, or similar.
• Strong understanding of Cloud environments.
• Proven experience in conducting security assessments, risk assessments and security vendors review.
• Analytical skills, autonomy and accountability.
• Fluent in english.
• Excellent communication skills.

It would be a plus if you have:

• Relevant technical and industry certifications are a plus (e.g. CISA, CISM, ISO 27001 Lead Implementer/Auditor, CISSP, CRISC, etc).
• Familiarity with cybersecurity tools and technologies (e.g., vulnerability assessment tools, incident response and alerting platforms, etc).

Benefits & Perks

• Opportunity to have a real impact in a high-growth global category leader
• 40% discount on all Fever events and experiences
• Position based in Madrid, home office friendly.
• Relocation package for international candidates
• Responsibility from day one and professional and personal growth
• Great work environment with a young, international team of talented people to work with!
• Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee.
• English Lessons
• Gympass Membership
• Possibility to receive in advance part of your salary by Payflow.
• Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance.

Thank you for considering joining Fever. We cannot wait to learn more about you!

If you want to learn more about us: Fever's Blog | Tech.Eu |TechCrunch

Fever is committed to creating an inclusive and diverse workspace where everyone's background and ideas count. Our main goal is to find the best possible talent regardless of place of birth, racial or ethnic origin, gender, gender identity, religion, opinion, sexual orientation, disability, pregnancy, marital status, age or caring responsibilities. We encourage everyone to apply!

If you require any kind of accommodation during the selection process please contact our Talent team so we can help you by providing a welcoming and seamless journey.

If you want to know more about how Fever processes your personal data, click here Fever - Candidate Privacy Notice