Information Security & Compliance Engineer
Posted on: 14/04/2026
Barcelona-Parets Cataluña
Permanent
Industry and Manufacturing
At Morgan Philips Outsourcing, we are currently seeking for one of our clients, Thales Cybersecurity & Digital Identity, a global leader in digital security.
This client designs and delivers a wide range of products, software and services based on two core technologies: digital identification and data protection, bringing trust to an increasingly connected world.
As part of an increase in activity, if you are looking for new professional challenges and want to join a high‑skilled, multicultural and industrial‑driven environment, we are currently looking for an Information Security & Compliance Engineer, based in Barcelona (Parets del Vallès), Spain.
Job Objective
Ensure the effective execution, coordination and continuous audit‑readiness of information security and compliance activities at site level, in alignment with corporate security frameworks and regulatory requirements.
The role is responsible for logical security control execution, audit preparation and evidence management, risk and remediation tracking, and stakeholder coordination, acting as a key interface between IT Operations, Physical Security, Production/Operations and corporate security teams.
What will you do?
As an Information Security & Compliance Engineer within Thales, you will be responsible for:
Coordination & Control Execution
About You
To succeed in this role, you should have:
Technical skills & experience – mandatory
This client designs and delivers a wide range of products, software and services based on two core technologies: digital identification and data protection, bringing trust to an increasingly connected world.
As part of an increase in activity, if you are looking for new professional challenges and want to join a high‑skilled, multicultural and industrial‑driven environment, we are currently looking for an Information Security & Compliance Engineer, based in Barcelona (Parets del Vallès), Spain.
Job Objective
Ensure the effective execution, coordination and continuous audit‑readiness of information security and compliance activities at site level, in alignment with corporate security frameworks and regulatory requirements.
The role is responsible for logical security control execution, audit preparation and evidence management, risk and remediation tracking, and stakeholder coordination, acting as a key interface between IT Operations, Physical Security, Production/Operations and corporate security teams.
What will you do?
As an Information Security & Compliance Engineer within Thales, you will be responsible for:
Coordination & Control Execution
- Execute and manage site‑level audit readiness activities, including evidence collection, audit walkthrough preparation and tracking of action plans.
- Coordinate with IT Operations, Physical Security and Production/Operations to ensure security controls are correctly implemented, executed and evidenced.
- Act as the local interface with corporate security stakeholders and approved service providers to align requirements, timelines and evidence expectations.
- Ensure all required logical security controls are performed on schedule and appropriately documented.
- Advise and support site users and stakeholders on logical security requirements, secure practices and audit expectations relevant to their activities.
- Reinforce a pragmatic and effective security culture through targeted awareness actions based on observed gaps and audit findings.
- Escalate risks, deviations and recurring control failures through defined reporting channels, supported by clear and traceable evidence.
- Maintain clear documentation and traceability of requirements, control execution, evidence and remediation actions.
- Maintain active visibility of information security risks and non‑conformities within scope (e.g. missed controls, audit gaps, recurring failures or overdue remediation).
- Define, track and follow up remediation actions to closure with accountable owners, ensuring evidence of resolution is properly maintained.
- Support incident handling activities by collecting facts, preserving evidence and contributing to incident analysis and reporting when required.
- Maintain and update site‑level logical security procedures and operational instructions aligned with corporate policies and regulatory requirements.
- Prepare, execute and support internal and external audits (GSMA, PCI, internal audits), including direct participation, walkthroughs and evidence presentation.
- Track, validate and close audit findings and remediation actions, ensuring continuous audit‑readiness within scope.
- Translate security and compliance requirements into clear and actionable operational activities for IT, Operations and auditors.
About You
To succeed in this role, you should have:
Technical skills & experience – mandatory
- Bachelor’s degree in Information Security, Information Technology, Engineering or a related field, or equivalent professional experience.
- Minimum 5 years of experience in a similar or progressive IT Security / Security Compliance role.
- Proven experience in security and compliance operations within Windows‑centric enterprise environments.
- Strong experience in logical security control execution, verification and audit evidence management.
- Hands‑on involvement in vulnerability management lifecycle tracking and validation.
- Solid experience executing and evidencing access reviews and privilege controls.
- Experience working with enterprise productivity and documentation tools (MS Office, SharePoint, Confluence).
- High level of Spanish and professional English proficiency.
- Experience supporting GSMA, PCI or similar regulatory frameworks.
- Strong organizational, analytical and documentation skills.
- Ability to manage multiple stakeholders and priorities in a regulated, industrial environment.
- Structured, detail‑oriented approach with a strong risk and compliance mindset.