Project Manager (Pharmaceutical; cybersecurity or cybersecurity or IT risk domains)

Role: Project Manager

Location: Barcelona, Spain

Job Type: Contract (3days/week On-Site)

Role Summary:

We are seeking a Senior Project Manager to lead the Information Protection Project along with overseeing several parallel workstreams across data security, governance, and compliance. This role requires a seasoned professional capable of managing complex, cross-functional initiatives, ensuring timely delivery, stakeholder alignment, and regulatory adherence.

The ideal candidate has hands-on experience with information protection, data classification, DLP (Data Loss Prevention), access governance, and can navigate multiple priorities in a highly regulated environment.

Key Responsibilities:

• Lead end-to-end project delivery of the Information Protection initiative, including planning, execution, risk management, and stakeholder communication.
• Manage multiple concurrent workstreams, potentially spanning areas such as:
• Data Classification & Labelling
• DLP Implementation
• Information Governance & Access Controls
• Insider Risk Management
• Security Awareness & Training

• Develop detailed project plans, timelines, resource plans, and budgets.
• Collaborate closely with Information Security, Legal, IT, Data Governance, and Compliance teams.
• Ensure alignment with global information protection standards and regulatory frameworks (e.g., GDPR, HIPAA, ISO 27001).
• Drive governance forums, reporting cadence, and steering committee updates.
• Monitor project KPIs and ensure delivery within agreed timelines and quality benchmarks.
• Manage vendor relationships and third-party deliverables where applicable.

Must-Have Skills & Experience:

• 10–15 years of project/program management experience, ideally within cybersecurity, data protection, or IT risk domains.
• Proven track record in delivering information protection, data privacy, or cybersecurity projects.
• Strong familiarity with information security technologies and controls (e.g., DLP, CASB, IAM, encryption tools).
• Understanding of regulatory frameworks (e.g., GDPR, HIPAA, SOX, ISO 27001).
• Excellent stakeholder management, communication, and leadership skills.
• PMP, Prince2, or equivalent certification required; CISM or CISSP is a plus.