header-image

Cybersecurity Officer

  • Location: Barcelona (Spain)
  • Working day: Full time
  • Sector: Pharmaceutical and biopharmaceutical
  • Vacancies: 1
  • Work modality: Hybrid

Grupo Ferrer Internacional

At Ferrer we use business to fight for social justice. We have long been a company that looks to do things differently; instead of maximizing shareholder returns, we reinvest much of our profit in initiatives that give back to society. Back where it belongs. We go beyond compliance and are guided by the highest standards of sustainability, ethics and integrity. As such, since 2022, we are a B Corp.

Founded in Barcelona in 1959, Ferrer offers transformative solutions for life-threatening diseases in more than one hundred countries. In line with our purpose, we have an increasing focus on pulmonary vascular and interstitial lung diseases and rare neurological disorders. Our 1,800-strong team is driven by a clear conviction: our business is not an end in itself, but a way to change lives.

We are Ferrer. Ferrer for good.

Job description

Mission

As key part of the Digital, Data & AI team and reporting to the Corporate Cybersecurity Lead, you'll be responsible for providing comprehensive tactical and analytical support to strengthen the organization's cyber security posture while enabling business objectives. 
This role acts as a critical bridge between the organization’s risk and business stakeholders, ensuring the effective delivery of security initiatives, and continuous improvement of the security governance framework, while fostering a risk-aware and security-conscious culture across the organization.  

 

Responsibilities

  • Develop and continuously evolve the cybersecurity GRC and risk management roadmap, aligning priorities with organizational objectives, changes in the threat landscape, and the company’s risk appetite, encompassing governance, controls, awareness, and risk-driven process maturity. 
  • Establish strategic partnerships with technology leadership and business & manufacturing stakeholders to ensure cybersecurity risk and compliance considerations are embedded into decision-making, planning, and change processes. 
  • Own end-to- end delivery of cybersecurity governance and risk initiatives, including defining scope, allocating resources, tracking budgets, managing milestones, and providing executive-level reporting and dashboards. 
  • Translate cybersecurity and regulatory requirements into actionable policies, standards, and control frameworks, ensuring consistent implementation across the company and supporting enterprise risk management to enable business growth while maintaining an appropriate risk posture. 
  • Lead control implementations across critical security domains, coordinating control testing, evidence collection, and stakeholder remediation plans for areas such as identity and access management, remote access, network and cloud governance, and security tooling— ensuring controls are designed effectively and operating as intended. 
  • Design and execute enterprise-wide security awareness and risk culture programmes, including executive briefings, internal training, and communication campaigns, to foster a risk-aware and security-conscious organizational culture.

 

Why Ferrer?

  • Make a positive impact in society
  • Participate in volunteering activities
  • Grow in a culture of trust, responsibility, and constructive feedback
  • Enjoy a flexible working model & collaborative office experience to enable innovation and teamworking
  • Make a real difference to the team and to yourself
  • Take advantage of opportunities for development & learning
  • Discover a range of benefits to support your physical, emotional and financial wellbeing
  • Customize your remuneration and benefit

Requirements

What you’ll need to succeed

You will rock at this company if you are a person with empathy, humility, curiosity and optimism, and also if you match with:

  • Minimum of 4 years of relevant work experience in the cybersecurity risk
    management     domain.
  • Sound experience in managing multidisciplinary projects in multinational
    e    nvironment & scope.
  • Demonstrated experience in adapting security standards to business
    needs, ensuring practical implementation and sustainable adoption.

 

Governance & Risk knowledge

  • Knowledge of frameworks such as NIST CSF, ISO 27001, ISA/IEC
    62443,     NIS2 / Article 21 cybersecurity risk-management measures.
  • Understanding of security architecture, access control, networks, cloud
    security, and monitoring tools.
  • Desirable certifications: CRISC, CISM, ISO 27001 Lead Implementer /
    Lead Auditor, or similar.

 

Skills and Competencies

  • Excellent communication and influencing skills, with the ability to drive
    cybersecurity and risk adoption across the organization.
  • Strong ability to build trusted cross-functional relationships across
    business areas and within multicultural environments.
  • Good understanding of technology and its impact on cybersecurity risk,
    governance and business operations.
  • High level of integrity and strong commitment to ethics, privacy and
    information security.
  • Strategic mindset with results-oriented approach.
  • Professional fluency in English and Spanish.

 

If this great challenge matches your profile, then we are waiting for you!

At Ferrer, we guarantee equal treatment and opportunities in recruitment, avoiding prejudices and stereotypes for any reason in the processes of access to the company, assessing only objective criteria such as professional and academic skills and work experience.

  • Location: Barcelona (Spain)
  • Working day: Full time
  • Sector: Pharmaceutical and biopharmaceutical
  • Vacancies: 1
  • Work modality: Hybrid
Check our other jobs
Check our other jobs

Powered by

Powered by TalentCLue
 
 
Apply