Cybersecurity & Business Continuity Vendor Risk Specialist - AQUANIMACountry: SpainAQUANIMA VRAC is looking for a Cybersecurity & Business Continuity Vendor Risk Specialist based in our Boadilla del Monte (Madrid) office.WHY YOU SHOULD CONSIDER THIS OPPORTUNITYAt Santander (www.Santander.Com), we are key players in the transformation of the financial sector.
Do you want to join us?At Aquanima, we provide a valuable service to our customers.
We are part of the Santander Group and we seek to achieve maximum efficiency for the Group and for external clients through the management of purchasing processes.
Our ultimate objective is to maximize savings for our clients, offering our expertise in purchasing across 12 countries.
Additionally, we provide value-added services such as 360o supplier management and contract management, creating long-term relationships with our customers and suppliers.Santander is proud to be an organization that promotes equal opportunities regardless of gender identity, culture, and disability.
Our mission is to help more people and businesses prosper, and we embrace a strong risk culture where all professionals are expected to take a proactive approach toward risk management.WHAT YOU WILL BE DOINGAs a Cybersecurity & Business Continuity Vendor Risk Specialist, you will:Certificate critical services/vendors, establish and monitor remediation plans, and issue a residual risk rating.Review and challenge inherent risk scoring of critical services.Report and collaborate with CISO and Business Continuity teams regarding risk assessment results.Support key account management for providing vendor risk services in Santander Group.Provide periodic reporting to local Cost/Risk areas and respective committees.EXPERIENCEMinimum 3 years of work experience in Cybersecurity, IT Risk, or IT audit areas.EDUCATIONBachelor's degree or equivalent in Computer Science, Telecommunications Engineering, or similar.
Cybersecurity/IT Risk/Audit industry certifications (such as CISA, ISO/IEC 27001, CompTIA Security+, CISP, SSCP, CSX Cybersecurity Fundamentals, etc.)
are preferred.SKILLS & KNOWLEDGEKnowledge of information technology and security certifications and frameworks such as ISAE 3000 (SOC 2), NIST CSF, ISO 27001, ISO 22301, COBIT, etc.Knowledge of IT Audit practices, IT Risk Management, Business Continuity Management, Vulnerability Management, and Security testing methodologies (OWASP, OSSTMM, etc.
).Fluent communication and oral expression in English and Spanish.OTHER INFORMATIONAbility to manage multiple tasks simultaneously and be an enthusiastic team player.Effective communication and excellent writing skills.Keen attention to detail and strong analytical skills are preferred.#J-18808-Ljbffr