Share this Job
Apply now »

Information Governance Specialist


Our opportunity


Group Audit is responsible for performing audits over the whole of Zurich's operations globally. We are an international team of 200+ colleagues from 33 different nationalities, working as one function from Chicago to Sydney! Together, we look to bring our skills, capabilities, and unique strengths to provide real insights to our stakeholders. We are working to be the best we can at spotting danger for our company; continuously trying, failing, and learning to get better and better in what we do. 

We are looking for an Information Governance Specialist to join our team in Barcelona and be part of our global Internal Audit organization. Reporting into the Group Audit Operations Lead, this role has responsibility to provide operational support to ensure that Group Audit Function is compliant with Information Governance requirements. You will have the opportunity to interact with Group Audit Leadership Team as well local country audit leaders and team members across the globe, including Corporate Centre, Europe, Latin America, North America and Asia Pacific. 


Your role


The purpose of the role is: respond to the increased information governance compliance efforts & reporting such as Group Zurich data commitment, GDPR, Swiss Data Protection Act, Operational Risk Management Key Risk Indicators (ORM-KRI), Information Governance Project, Internal Control Integrated Framework (ICIF). Group Audit Chain is only as strong as its weakest link since Group Audit assurance relies on each single contributor across the globe within Group Audit.

Respond to the complexity of the compliance process for a virtually integrated function by enhancing control and monitoring of unstructured data resulted from the use of Microsoft Office 365 applications.


As an Information Governance Specialist, your main responsibilities will involve:


  • Collaborate with Group / Local information Governance Officer, IT Service Delivery Officer, Group and local compliance / legal officer and Custodians to define, document and implement information governance processes, controls, and training program. 
  • Support Group Audit Information Steward to conclude the annual sign-off of the data inventory process
  • Monitor execution of Information Governance Controls and report breaches to Group Audit Leadership
  • Analyse information governance issues and incidents ensuring the root cause is fully understood and actions are implemented to mitigate the impact.
  • Design, implement & maintain Data Flow Analysis + Data & Records Inventory processes and controls to ensure that:
    • Data Flow Analysis concerning personal data processing activity is documented and kept in OneTrust system and certified annually or upon updated substantial change
    • Personal data are processed to the extent necessary to achieve a legitimate business purpose and legal basis is documented in the Data Inventory
    • Personal data are maintained accurate at all times and deletion process of data is documented
    • Processing of personal data that may have impact on data subjects is conducted only on the primary source of data or a real time copy from the primary source of data.
    • Records in Group Audit are complete and processed, used, stored, and disposed in accordance with relevant Zurich policies and the local legal and regulatory framework
    • Data Inventory is correctly maintained and containing all relevant processing activities concerning personal data information and kept in OneTrust system.
  • Design, implement & maintain record retention processes and controls to ensure that:
    • Retention Schedule is correctly maintained and containing all relevant records incl. legal retention period and deletion criteria for the records (OneTrust system).
    • Audit Reports, which are under legal hold, are kept and excluded from the standard deletion process
    • Business justification for retained records beyond legal retention is signed-off by the key stakeholders.
  • Design, implement & maintain Data Privacy & Protection + Data Loss Prevention processes and controls to:
    • Ensure structured & unstructured personal data is not kept beyond retention period
    • Verify that anonymisation is sufficient and does not leave data subjects identifiable
    • Ensure that privacy by design is considered as key principle in group audit projects
    • Manage approval of sharing of data with 3rd parties, access rights to application/unstructured data
    • Monitor sharing data with 3rd parties and escalate timely to Group Audit leadership
  • Design, implement & maintain Data Classification processes and controls to conduct spot checks and review automated reports of unstructured data stored in Office 365 applications.


Your Skills and Experience


As an Information Governance Specialist, your skills and qualifications will ideally include:


  • BSc/BA in Business IT incl. Information Systems / Information Management and related field from an accredited college or university (master’s or MBA degree is preferred)
  • Job holder should have 5+ years’ experience in information governance and related activities
  • Knowledge of the application OneTrust is a plus
  • Cross-functional skills: Change Management, Continuous improvement, Creative and Critical Thinking, Operating Globally, Planning & Organizing, Presentation skills, and Stakeholder management
  • Functional skills: Information Governance, Enterprise Governance & Internal Control System (ICS) Knowledge, Risk and Control, Compliance Risk Management, Business Process Modeling, Data Stewardship, Information Security Management, Dashboards, Information Assurance
  • Strong verbal and written communication skills (English). Additional European languages is a plus.


Additional Information


As well as a competitive salary and a yearly bonus we offer benefits package which includes:


  • Option to work remotely within Spain even up to 80% - you choose
  • Flexible working hours
  • Wide range of internal and external trainings
  • Free English, German and Spanish classes depending on the needs
  • Ticket restaurant
  • Life Insurance
  • Pension Plan - after 1 year in the company
  • Referral bonus if you bring other talented people like you
  • Special banking and insurance conditions
  • Exclusive Employees discounts


Primary work location is Barcelona. Please apply with your CV in English by clicking on the button “Apply online”.


This role may require occasional travel (within Europe typically).


Who we are


Looking for a challenging and inspiring work environment where you can make a difference? At Zurich millions of individuals and businesses place their trust in our products and services every day. Our 53,000 employees worldwide form the basis of our success, enabling, businesses and communities to face a world of risk with confidence. Imagine if you could help people do this all over the world. You’d give them confidence and reassurance by protecting what they love most. It’s a big challenge, but you will be supported by a world-class team who believe in helping you to reach your full potential and deliver on our promises.


Diversity & Inclusion


At Zurich we are an equal opportunity employer.  We attract and retain the best qualified individuals available, without regard to race/ethnicity, religion, gender, sexual orientation, age or disability.


So be challenged. Be inspired. Help us make a difference.

Why Zurich


At Zurich, we like to think outside the box and challenge the status quo. We take an optimistic approach by focusing on the positives and constantly asking What can go right? 

We are an equal opportunity employer who knows that each employee is unique - that’s what makes our team so great! 
Join us as we constantly explore new ways to protect our customers and the planet.

  • Location(s):  ES - Barcelona 
  • Remote working: No
  • Schedule: Full Time
  • Recruiter name: Gallego Zazo Alvaro
  • Closing date:

Apply now »