.Country: Spain Position: Cyber GRC Manager Regulatory & Compliance Location: Boadilla del Monte WHY YOU SHOULD CONSIDER THIS OPPORTUNITY At Santander, we are key players in the transformation of the financial sector.
Do you want to join our team and continue your professional development?
In Banco Santander, cybersecurity means engaging in the protection of the people and communities where the Bank is present, integrating ethical and social criteria into the strategy, business model, and internal processes, involving the entire structure of the Group and collaborating in the development of secure environments that prevent and detect threats to our services and infrastructures, using the latest technologies.
We adopt a strong risk culture and expect all our professionals, regardless of their position, to have a proactive and responsible attitude towards risk management.
Banco Santander is proud to be an organization that cares about the development of people and where there are equal opportunities, regardless of race, gender, religion, age, sexual orientation, marital status, disability, nationality, or gender identity.
WHAT YOU WILL DO IN YOUR JOB As members of the corporate GRC area, within the scope of the Global CISO function, we are the first line of defense in managing the Group's cybersecurity.
Our main mission is to ensure the proper development and implementation of the cybersecurity control environment in the Group's entities, collaborating with more than 20 local and global units to coordinate the necessary activities.
Specific Functions: Control and follow-up of applicable regulatory requirements from different Cyber regulations impacting the Group.
Definition of the cybersecurity control framework used in the Group's entities and defense towers to cover cybersecurity requirements.
Identification and follow-up of improvement points in the Group's cybersecurity control model.
Support to the Group's entities and defense towers to improve their control environment through regulatory advisory tasks.
Follow-up and analysis of cybersecurity non-compliances.
Participate in transformation projects to enhance the Cyber GRC function (automation processes, control, and compliance of information systems).
General Functions: Lead management in the Compliance area of GRC through indicators, presentations, and reports.
Communicate effectively with eCISOs, technical teams, team leaders, and Global Heads.
EXPERIENCE 7-8+ years in one of the following roles: Cybersecurity risk management Technology audit or security associated with Cyber regulations/legislation Internal control of cybersecurity Cybersecurity operations Monitoring of cybersecurity controls or metrics Cyber risk analysis and evaluation EDUCATION Higher Engineer (or Degree) in IT or similar.
Specific training (master's/postgraduate) in the field of cybersecurity.
SKILLS AND KNOWLEDGE Knowledge in internal or external cybersecurity audits