Cyber Security Governance, Risk and Compliance Responsible SCF HQ**WHAT YOU WILL BE DOING**Santander Consumer Finance HQ is looking for a Cyber Security GRC (Governance, Risk and Compliance) Responsible SCF HQ, based in our Madrid office.**WHY YOU SHOULD CONSIDER THIS OPPORTUNITY**Santander Consumer Finance focuses on business development related to consumer finance products, sales channels and commercial agreements with dealers, vehicle manufacturers or retail distribution establishments, as well as commercial functions associated with direct sales (branches, call centers or digital channels) and indirect sales (through third parties) of consumer finance products.Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture, and disability. Our mission is to contribute to help more people and business prosper. We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.**WHAT YOU WILL BE DOING**As a GRC Responsible SCF HQ, you will oversight the GRC tasks related to Cyber Security for all the SCF Units under scope (approx. 14 entities in 16 countries), and managing directly the GRC units in SCF Western Hub, HQ, and Global Services. You will report directly to SCF Global CISO and will coordinate the SCF HQ GRC team.We need someone like you to help us in different fronts:**Governance**- Review, adaptation, and oversight of cybersecurity policies, regulations, and procedures, and the implementation plans to comply with them- Management of KPIs, KRIs, and Cyber and TR dashboards with adequate follow-up of action plans- Oversight and support of SCF entities regarding all GRC activities and initiatives- Establish a positive interface and align with the Group's global GRC unit and with other SCF and Group stakeholders (2LoD, internal audit, procurement, etc), on behalf of all SCF entities.- Perform required reporting to various committees and stakeholders regarding cybersecurity risks and issues**Risk**- Complete all cybersecurity risk assessment exercises (holistic, RCSA)- Complete regular capability assessments of cybersecurity controls (mainly holistic - quarterly, and RCSA - yearly)- Project Risk assessments for new systems and services, ensuring they are compliant with policies and any weakness is identified and adequately managed- Waivers management and approval when necessary- Third party cyber and TR risk assessments**Business Continuity**- Business continuity and Disaster recovery, related to Cyberscenarios, oversight**Compliance**- Complete and manage GAP analysis against cybersecurity policies- Management and coordination of cybersecurity audits- Findings / recommendations planning, tracking, and follow-up- Manage SWIFT mandatory assessments and complete yearly compliance attestation- Regulatory related activities (SOX, GDPR, PSD2, etc) with stakeholders**Financials**- Cyber Budget planification and oversight with all SCF countries- Oversight of contract management for cybersecurity relevant services**EXPERIENCE**- Minimum 7 years of experience in Cybersecurity, teams, and project management.**EDUCATION**- STEM related career, Cyber certifications**SKILLS & KNOWLEDGE**- Cybersecurity, focus on Technological Risk and Compliance- Fluent English and Spanish- Team management- Projects management- Fluent communication, and capability to adapt to different levels- Documentation and presentation skills- Strong organization and planification skills- Workload management ability**OTHER INFORMATION**- Travel, mainly to European countries, if needed (normally not frequent).Watch for the effective control of technology risks and ensure that they are managed in accordance with the level of risk appetite defined by the Group's senior management and units at an experienced level.**Idiomas**:- Spanish
#J-18808-Ljbffr
