NIS2 & ISO 27001 Compliance Analyst

What you'll do

• Lead NIS2 gap assessments and implementation programmes for critical and important entities
• Manage ISO 27001 projects from scope definition and risk assessment through to audit preparation
• Develop and review information security policies, procedures, and controls documentation
• Interpret regulatory requirements across EU member state transpositions of NIS2
• Prepare clients for Stage 1 and Stage 2 audits by accredited certification bodies
• Advise on DORA, GDPR, and sector-specific regulatory overlaps
• Produce clear deliverables: gap reports, risk registers, ISMS documentation, audit evidence packs

What we're looking for

• 3+ years in information security compliance, risk management, or regulatory advisory
• Solid working knowledge of ISO/IEC 27001:2022 and its implementation requirements
• Familiarity with the NIS2 Directive and key EU member state transpositions
• Experience managing multiple client engagements simultaneously
• Ability to write clear, professional deliverables independently
• Fluent in Spanish; professional working level in English

Nice to have

• ISO 27001 Lead Auditor or Lead Implementer certification
• Experience with DORA applicability and gap assessments
• Sector experience in finance, healthcare, or critical infrastructure
• Knowledge of ENS (Esquema Nacional de Seguridad)
• Experience with GRC tooling (OneTrust, ServiceNow GRC, or similar)

What we offer

• Hybrid role based in Madrid, with flexibility for remote work
• Exposure to complex multi-jurisdictional compliance programmes
• A technically grounded team — we care about actual security, not just paperwork
• Clear progression path as Dasenda's compliance practice grows
• Competitive compensation commensurate with experience