Senior Cybersecurity Governance, Risk, and Compliance (GRC) Analyst EMEA

Avnet Business Services GmbH

Avnet Business Services GmbH is the service provider of the Avnet Group in EMEA, founded in 2020. With its brands EBV Elektronik, Avnet Silica, Avnet Abacus, Avnet Embedded and Farnell, Avnet is one of the world's most successful distributors of semiconductor products and related services. Avnet is also an S&P 500 listed group. Employees in 70 countries set new standards every day in terms of innovation and quality, for which Avnet has been known in the market for 100 years.

We are looking for a highly skilled and experienced Senior Cybersecurity Governance, Risk, and Compliance (GRC) Analyst to join our global security enablement team, where you will help shape and maintain our global security posture.

This position can be based in one of our offices in Spain (Madrid or Málaga) or in France (Massy or Toulouse), and it offers a flexible, hybrid working arrangement, with just one day per week in the office.

This role is essential in advancing our GRC initiatives across international operations. If you have strong expertise in cybersecurity assessments, regulatory frameworks, and risk management, we are looking forward to receiving your application!

What you will be doing:

Governance

• Lead and execute cybersecurity assessments using recognized frameworks such as ISO/IEC 27001, Cyber Essentials Plus, and NIST CSF.
• Develop, update, and manage cybersecurity policies, standards, and procedures to meet global regulatory requirements.
• Stay informed about emerging threats, regulatory changes, and industry best practices to guide governance efforts.

Risk Management

• Conduct risk assessments across business units and regions.
• Maintain and update risk registers and support the development of mitigation strategies.
• Support third-party risk management by assessing vendor security practices and compliance.

Compliance

• Support internal and external audit preparation and response activities.
• Monitor and report on compliance status, risk metrics, and control effectiveness.
• Ensure alignment with global compliance requirements, including SOX, GDPR, PCI-DSS, ISO 27001, NIST CSF, Cyber Essentials Plus, and AirCyber.

What we are looking for:

• Minimum of six (6) years of experience in cybersecurity GRC roles, preferably in a global enterprise environment.
• Bachelor’s degree in Information Security, Information Technology, or a related field, or equivalent practical experience.
• Proven experience in conducting risk assessments, gap analyses, and control testing.
• In-depth knowledge of cybersecurity standards, regulatory frameworks, and certification requirements, including:
  • Sarbanes-Oxley (SOX)
  • PCI-DSS
  • ISO/IEC 27001:2022
  • NIST CSF 2.0
  • NIST Risk Management Framework
  • Cyber Essentials Plus
  • AirCyber, and others
• Familiarity with GRC platforms and tools such as ServiceNow, AuditBoard, or Onspring.
• Professional certifications such as CISSP, CISA, CRISC, or ISO 27001 Lead Auditor are highly desirable.
• Strong communication and stakeholder engagement skills.
• Business-level proficiency in written and spoken English.
• Ability to work independently and collaboratively across time zones and cultures.

 
What’s in it for you:

Alongside a competitive salary, we offer a range of benefits:

• A supportive multicultural team environment where everyone is working toward the same goal
• A strong open-door policy
• An environment where you will have the tools and opportunities to further your career
• A role where you have the freedom to come up with and own new ideas and design your processes
• Hybrid working – 1 day per week on-site.
• Paid holiday, plus bank holidays
• Work equipment
• And more….

#LI-AVNET

#LI-EMEA

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.

Avnet is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. If you are interested in applying for employment with Avnet and need special assistance or an accommodation to apply for a posted position contact our Human Resources Service Center in your region: Americas applicants – hrnow@avnet.com, Asia applicants - hrnow.asia@avnet.com, EMEA applicants - hrnow.EMEA@avnet.eu.

Job Applicant EMEA Imprints