.Cyber Assurance & Architecture – OPENBANKCountry: SpainTechnology Risk & Cybersecurity Associate Expert IIJoin Openbank, the 100% digital bank of the Santander Group, where innovation meets opportunity!
With over 2 million customers across Spain, Germany, the Netherlands, and Portugal, we're leading the way in digital banking.
From loans and mortgages to a cutting-edge, fully automated investment platform, our products are transforming the industry.At Openbank, we pride ourselves on simplicity, agility, and security, earning us the title of the most recommended Spanish bank among our customers.
Technology is in our DNA and we are constantly developing new digital solutions and products.Mission and Responsibilities:The mission of the PCI Cybersecurity Compliance & Assurance is to ensure the company's adherence to Payment Card Industry Data Security Standards (PCI DSS) in a cloud-based environment.
This role leads the PCI compliance strategy, working with cross-functional teams to implement security policies, manage audits, and assess risks.
Additionally, the position is responsible for staying up to date on emerging cybersecurity threats and cloud security innovations, ensuring the technology infrastructure remains secure and aligned with industry best practices.The position is within Openbank Cybersecurity team and will be in charge of implementing the PCI cybersecurity controls.
The main tasks of this position will be the following:Lead the company's PCI DSS compliance program, ensuring all business and technical operations align with PCI requirements.Collaborate with cross-functional teams (IT, DevOps, Product Development, Legal) to ensure cloud-based systems and services meet PCI security standards.Develop, implement, and maintain policies, processes, and procedures for PCI compliance in a cloud environment.Serve as the subject matter expert (SME) on PCI DSS and cloud security, providing guidance and recommendations to senior leadership.Conduct regular assessments, audits, and gap analyses to ensure ongoing PCI compliance and identify potential risks or vulnerabilities.Manage relationships with Qualified Security Assessors (QSAs) and lead all PCI audits and reporting activities.Stay current with evolving cybersecurity threats, cloud security innovations, and PCI standards, ensuring the company remains compliant and ahead of emerging risks.Develop and deliver PCI DSS-related training to internal teams and stakeholders.Implement robust incident response protocols related to PCI data breaches, working closely with the cybersecurity team to mitigate and report any incidents.Act as a liaison between business units and the security team, ensuring secure and compliant product development lifecycles in cloud-based environments.To be successful in the role you must have:Strong understanding of cloud security architectures (AWS, Azure, GCP) and cloud compliance frameworks