Vendor Risk Analyst - AQUANIMA Country: Spain
AQUANIMA is looking for a Vendor Risk Analyst, based in our Boadilla del Monte (Madrid) office.
WHY YOU SHOULD CONSIDER THIS OPPORTUNITY At Santander, we are key players in the transformation of the financial sector. Do you want to join us?
At Aquanima, we provide a valuable service to our customers as part of the Santander Group, seeking maximum efficiency for the Group and external clients through the management of purchasing processes.
Our ultimate objective is to maximize savings for our clients by offering our expertise in purchasing across various expense categories in the countries where we operate.
We offer other value-added services such as supplier management and contract management, creating long-term relationships with our customers and suppliers to help them achieve greater efficiency in their operations.
Santander is proud to be an organization that promotes equal opportunities regardless of gender identity, culture, and disability.
Our mission is to help more people and businesses prosper. We embrace a strong risk culture, and all our professionals are expected to take a proactive and responsible approach toward risk management.
WHAT YOU WILL BE DOING As a Vendor Risk Analyst, you will be responsible for certifying and managing vendors regarding IT/Cyber and contingency risks:
Review and challenge inherent risk scoring of critical services. Certify critical services/vendors, establish and monitor remediation plans, and issue a residual risk rating. Report and collaborate with local CISO and Business Continuity teams regarding risk assessment results and continuous improvement of risk methodology. Assist in periodic reporting to local Cost/Risk areas and respective committees. EXPERIENCE Minimum years of work experience in Cybersecurity/IT Risk/IT audit areas.
EDUCATION Bachelor's or equivalent in Computer Science, Telecommunications Engineering, or similar. Cybersecurity/IT Risk/Audit industry certifications (such as CISA, ISO/IEC, CompTIA Security+, CISP, SSCP, CSX Cybersecurity Fundamentals, etc.) are preferred.
SKILLS & KNOWLEDGE Knowledge of information technology and security certifications and frameworks such as ISAE (SOC), NIST CSF, ISO 27001, ISO 27002, COBIT, etc. Knowledge of IT Audit practices, IT Risk Management, Business Continuity Management, Vulnerability Management, Security testing methodologies (OWASP, OSSTMM, etc.). Strong communication and oral expression skills in English and Spanish. OTHER INFORMATION A fluent English level is a must. A strong candidate will manage multiple tasks simultaneously and be an enthusiastic team player. Effective communication and excellent writing skills are essential. A problem-solving approach is required.
#J-18808-Ljbffr