IT Risk Compliance Analyst

Talan is an international consulting group specializing in innovation and business transformation through technology. With over 7,200 consultants in 21 countries and a turnover of €850M, we are committed to delivering impactful, future-ready solutions.

Headquartered in Paris and operating globally, Talan combines technology, innovation, and empowerment to deliver measurable results for our clients. Over the past 22 years, we’ve built a strong presence in the IT and consulting landscape, and we’re on track to reach €1 billion in revenue this year.

We design and implement large-scale, end-to-end architecture and data solutions, including data integration, data science, visualization, Big Data, AI, and Generative AI.

We integrate leading platforms such as SAP, Salesforce, Oracle, Microsoft, AWS, and IBM Maximo, helping clients transition to the cloud and improve operational efficiency.

We lead business and digital transformation initiatives through project and change management best practices (PM, PMO, Agile, Scrum, Product Ownership), and support domains such as Supply Chain, Cybersecurity, and ESG/Low-Carbon strategies.

We work with major global clients across diverse sectors, including Transport & Logistics, Financial Services, Energy & Utilities, Retail, and Media & Telecommunications.

We are looking for an IT Risk & Compliance Analyst to join our cybersecurity and governance team in Málaga.

In this role, you will be responsible for ensuring the security and compliance of applications and containerized environments, advising development teams on secure coding practices, and driving continuous improvement in risk management processes.

This position involves close collaboration with software engineers, architects, and security specialists across international teams.

• Govern and manage vulnerabilities across applications and containerized environments (Docker, Kubernetes).
• Conduct risk assessments for new applications from the design phase, including threat modeling.
• Advise and guide development teams in the adoption of secure software practices.
• Integrate and manage security tools such as SCA
  , SAST
  , DAST
  , CSPM
  , and Container Security solutions.
• Track, prioritize, and support the remediation of identified vulnerabilities, validating false positives where applicable.
• Participate in architecture reviews and define security requirements for new or evolving systems.
• Contribute to continuous improvement initiatives in the organization’s security posture and development lifecycle.

• 1–3 years of professional experience in software development, IT security, or risk management.
• Hands‑on experience with Docker
  , Kubernetes
  , and container ecosystems.
• Experience with security analysis tools for code and container scanning.

Bachelor’s Degree in Computer Science, Engineering, or a related technical discipline.

• Understanding of application security principles, secure coding, and vulnerability management.
• Familiarity with Dev Sec Ops  practices and CI/CD security integration.
• Knowledge of SDLC processes and risk assessment methodologies.
• Exposure to cloud environments (AWS, Azure, GCP) is highly desirable.

• Strong communication and teamwork abilities.
• Analytical mindset and attention to detail.
• Proactive approach to learning and adapting to emerging threats.

• Security certifications such as OSCP
  , CKA
  , CKS
  , CISSP
  , or equivalent.
• Previous experience in regulated sectors such as fintech or financial services
  .
• Technical curiosity, problem‑solving attitude, and a passion for cybersecurity.

• Opportunity to grow in a multicultural, international environment.
• Smart Office Pack for flexible remote work.
• Continuous training and professional development.
• Comprehensive benefits including private medical and life insurance.
• Exposure to global cybersecurity and risk management projects.

If you have read this far and you are looking forward to joining this challenge, do not hesitate to apply... we would be delighted to meet you!