IT Cyber Risk COE Analyst - Santander Digital Services Country: Spain
SANTANDER DIGITAL SERVICES is looking for an IT CYBER RISK COE ANALYST based in our BOADILLA DEL MONTE office.
WHY YOU SHOULD CONSIDER THIS OPPORTUNITY Santander Digital Services (SDS) is the team of technology and operations at Santander.
We are convinced of the importance of technology that is aligned with the requirements of the business and that our work not only brings value to users, people and communities but also fosters individual creativity.
Our team of over 7,000 people in 8 countries (Spain, Portugal, Poland, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data, and Angular among others) on all kinds of on-premise and cloud-based platforms.
Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture, and disability.
Our mission is to contribute to help more people and businesses prosper.
We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.
WHAT YOU WILL BE DOING As an IT CYBER RISK COE ANALYST, you will be part of Non-Financial Risk Global CoE, delivering services to entities.
Independent risks and controls challenge and oversight.
We need someone like you to help us in different fronts:
Engage with Internal/External partners (IT/Cyber Risk teams, Local CISOs, Global CISO functions, CIO, CTO, T&O; and Internal Audit) and ensure CoE process adheres with all relevant policy, process, standards, and guidelines. Lead cross-functional collaboration, align diverse business needs and drive effective decision-making and prioritization concerning scope of work, requirements, and product deliverables. Examine risk and control library and prioritize review based on risk drivers. Review and challenge risk and control assessments resulting from CISO self-assessment (including evidence and support documentation). Escalate areas of disagreement with the Global control owner in accordance with established governance. Risk assessment ongoing review, challenge and continuous trigger event analysis.
Monitoring risk and control issues and actions remediations. Provide entities actionable outputs and capture information in Heracles. Leverage outputs of controls assessment to determine deep dives reviews. EXPERIENCE 3 - 5 years of experience related to IT / Cyber Security Risk Management, Cyber GRC or IT / Security Audit.
EDUCATION Higher education in computer science or similar.
SKILLS & KNOWLEDGE Knowledge of risk frameworks such as NIST, CIS, FFIEC, FAIR, ISO2, ISO31. Certified in one of: CRISC, CISSP, CISA or/and CISM. Knowledge of Santander Cybersecurity systems and infrastructure. Skills and strategic thinking to review risk profiles and prioritize actions. Capacity to leverage existing information to determine independent controls assessments. Ability to support and suggest control enhancements. Excellent level of English is mandatory (C1). OTHER INFORMATION Possibility of making occasional trips to the geographies where Banco Santander is present (e.g.
Portugal, UK, Poland, Brazil or Mexico).
Idiomas: Spanish
#J-18808-Ljbffr