Cyber Risk Lead

Overview

We are recruiting for a Cyber Risk Lead, reporting to the Chief Information Security Officer and working closely with the Regional Information Security Officer, to lead the cybersecurity risk function at Tunstall.

This is a high-impact and strategic role whose mission is to achieve practical risk reduction at global level and to align engineering teams with cybersecurity regulations. The role requires both tactical / operational execution and a high level of technical cybersecurity understanding.

The role is based in Madrid on a hybrid basis. We are flexible on the number of days in the office and location and would consider applications from people who can work at one of our other European offices (Manchester or Yorkshire in the UK; Malmo, Sweden).

Please ensure your CV is uploaded in English so the team can review.

What will you be doing in this role?

As our Cyber Risk Lead, you will contribute to strengthening our security posture through strategic thinking and risk framework development. You will define, implement and communicate a cyber risk framework that meets Tunstall’s cyber security regulations and standards and enables effective risk assessments across corporate, software and hardware assets. The role is strategic but will also require tactical and operational work.

The Ideal Candidate

To be successful, you will have significant experience in IT and technology with proven experience in cyber security risk roles. You will possess a deep technical understanding of cybersecurity practices and regulations, and proven experience in the software and hardware industry. Excellent influencing and communication skills and the ability to build effective working relationships globally are vital.

You should be collaborative, with strong written and verbal communication skills, able to engage and influence stakeholders globally. You will be proactive, detail-oriented, take ownership of tasks, and drive tasks and projects to timely completion and quality.

What We Offer

Hybrid Working

Competitive salary + potential bonus (75,000 to 85,000 EUR base salary, depending on skills and experience)

Access to a Talent Library with over 800 courses and to Udemy or O’Reilly learning platforms

A warm and welcoming team environment with opportunities to build a rewarding career

Key Responsibilities

Define, implement and communicate a cyber risk framework to be enforced globally across countries and businesses, meeting compliance and regulatory needs and enabling practical risk management across corporate, software and hardware assets

Ensure the framework meets cybersecurity regulations and standards applicable to Tunstall

Support Regional Information Security Officers in risk forums to ensure risks are properly identified, assessed and managed

Provide regulatory guidance to software and hardware teams for technical decisions

Align and influence business and technology areas to adopt the global risk framework

Influence stakeholders to transform ways of working toward a secure and resilient organization

Partner with technology and business leaders to integrate cybersecurity into engineering practices, especially for regulatory compliance

Implement a corporate security risk registry and define processes to govern, maintain and follow up on registered cyber risks with stakeholders

Define Key Risk Indicators (KRIs) and other metrics for reporting and oversight

Report risk posture in senior-level forums with KRIs and related metrics

Maintain a proactive, innovative approach to continuous improvement

Key Skills And Experience

Significant IT and technology experience with substantial cybersecurity and risk roles

Experience in the software and hardware industry in a technology-related role

Technical background in cybersecurity (e.g., security architecture and engineering, security operations, offensive security)

Deep understanding of cybersecurity standards and regulations (e.g., ISO27001, GDPR, NIS2, RED)

Familiarity with complex, regulated, or critical infrastructure environments

Excellent written and verbal communication skills and ability to influence stakeholders globally

Ability to manage complexity and make decisions with limited information

Analytical mindset with high attention to detail and problem-solving skills

Fluent English (CEFR C1)

Desirable Skills And Experience

Knowledge of additional regulations such as CRA, Cyber Essentials, UK PSTI

Experience in the IoT industry

Spanish or Swedish language skills

A Bit About Us

Tunstall is a market-leading health and care technology provider. We’re passionate about ensuring our team reflects the brilliant and unique qualities of the people and communities we support. Our team of more than 3,000 colleagues provides life-saving and life-changing technology and services in 18 countries. We value diversity and inclusion and offer development and career growth opportunities.

Each Tunstall colleague has a superpower—they’re unique. Join our mission and be part of our One Tunstall team.

#J-18808-Ljbffr