Cyber Risk Lead
Do you want to work for a company that wants a world where people have the freedom to live life to the full, in a place of their choice? Then Tunstall is for you!
We are currently recruiting for a Cyber Risk Lead, reporting to the Chief Information Security Officer, but working closely with the Regional Information Security Officer, to lead the cybersecurity risk function at Tunstall.
This is a high impact and strategic role, whose mission is vital to achieve a practical risk reduction at global level, provoking a substantial change in how we manage security risks today and aligning our engineering teams to comply with cybersecurity regulations. This role requires someone willing to be tactical and operational and with a high level of technical cyber security understanding and knowledge.
This role would be based at our Madrid office working on a hybrid basis. We are flexible on number of days in the office, and on location and would consider applications from people who can work at one of our other European offices (Manchester or Yorkshire in the UK; Malmo, Sweden).
Please can you ensure your CV is uploaded in English so the team can review.
What will you be doing in this role?
As our Cyber Risk Lead you will contribute to strengthening our security posture through a combination of strategic thinking and risk framework development. You will define, implement and communicate a cyber risk framework that meets the cyber security regulations and standards of Tunstall, but also truly enables effective risk assessments across our corporate, software and hardware assets.
This is a strategic role but will require someone to be tactical and operational as well.
The ideal candidate:
To be successful in this role you will have significant experience in IT and technology with proven experience in cyber security risk roles. You will have a deep technical understanding of cybersecurity practices and regulations, and proven experience in the software and hardware industry. Excellent influencing and communication skills, along with the ability to build effective working relationships globally, are vital to success in this role.
With a naturally collaborative style and excellent written and verbal communication skills, you will be able to engage and influence stakeholders globally. In addition, you will be proactive, with a high attention to detail, taking ownership of tasks and tenacious in your approach to ensure tasks and projects are completed on time and to the required quality.
What we offer:
- Hybrid Working,
- Competitive salary + potential bonus (75,000 to 85,000 EUR pa base salary depending on the successful candidate's skills and experience),
- Boost your learning and growth through access to a Talent Library with over 800 courses, and access to Udemy or O’Reilly learning platforms,
- A warm and welcoming team environment and a chance to build a rewarding career.
Some of your key tasks will be…
- Define, implement and communicate a cyber risk framework that is enforced globally in all countries and businesses, satisfies compliance and regulatory needs and enables truly practical and effective risk management across corporate, software and hardware assets,
- Ensure the risk framework embraces the requirements from cybersecurity regulations and standards of applicability to Tunstall,
- Support Regional Information Security Officers in the risk forums to ensure security risks are properly identified, assessed and managed,
- Bring regulatory expertise to provide guidance to software and hardware teams when it comes to technical decisions,
- Align and influence the business and technology areas in the countries and at Group level to adopt and follow the global risk framework,
- Influence stakeholders in technology areas and the business to transform current ways of working and priorities towards becoming a secure and resilient organisation,
- Partner with technology and business leaders to integrate cybersecurity into our software and hardware engineering practices, particularly to pave the way towards compliance with cybersecurity regulations,
- Implement a corporate security risk registry and define and develop the necessary processes to govern, maintain and follow-up registered cyber risks with the required stakeholders,
- Define Key Risk Indicators (KRI) and other relevant metrics for reporting and oversight,
- Report our risk posture in senior-level forums through KRIs and other metrics,
- Keep a constant innovative, challenging and constructive attitude towards continuous improvement.
Key skills and experience:
- Significant experience in IT and technology, with considerable experience in cybersecurity and risk roles,
- Relevant experience in the software and hardware industry in a key technology-related role,
- Technical background in cybersecurity, e.g. offensive security, security architecture and engineering, security operations, etc,
- Deep understanding of the cybersecurity market, trends, security controls (technical, processes, people),
- Expert knowledge of cybersecurity standards and regulations, including ISO27001, GDPR, NIS2, Radio Equipment Directive (RED),
- Familiarity with complex, regulated, or critical infrastructure environments,
- Excellent written and verbal communication skills, able to build effective relationships and influence stakeholders globally,
- Ability to manage complexity and make decisions with limited information or under uncertainty,
- You will have an analytical approach, with a high attention to detail and be adept at problem solving and always looking at ways to improve,
- You must be able to communicate effectively in English (i.e. CEFR C1).
Desirable skills and experience
- Knowledge and experience in other cybersecurity regulations, such as Cyber Resilience Act (CRA), Cyber Essentials, UK PSTI, etc,
- Experience in the IoT industry,
- Spanish or Swedish language skills.
If you are not sure if you have the relevant skills or experience, then please apply (only takes a few minutes) and let our team review and come back to you.
A bit about us:
Tunstall is a market-leading health and care technology provider.
We’re passionate about ensuring our team reflects the brilliant and unique qualities of the people and communities we support. Our incredible team of more than 3,000 colleagues provides life saving and life changing technology and services to millions of people in 18 different countries.
At Tunstall you’ll find a place where you’re valued and celebrated for being yourself. We empower our people to deliver the very best teamwork, innovation and thought leadership by creating an environment where we champion diversity and inclusion. We demonstrate our commitment to diversity and inclusion at each step. From our open, fair, and transparent recruitment processes, through to the many development and career growth opportunities we provide.
Each Tunstall colleague has a superpower… they’re unique. No one else is them, and we think that’s special. Come and join our mission and be part of our team, our One Tunstall team.
- Department: Group Information Security
- Locations: Madrid
- Remote status: Hybrid
- Annual salary: 75.000 € - 85.000 €
- Employment type: Full-time