Vendor Risk Analyst - Cybersecurity & Business Continuity (UK) - Aquanima Boadilla del Monte, Spain
WHAT YOU WILL BE DOING AQN - VRAC is looking for a Vendor Risk Analyst - Cybersecurity & Business Continuity based in our Madrid or UK office. WHY YOU SHOULD CONSIDER THIS OPPORTUNITY At Aquanima we provide a valuable service to our customers.
We are part of the Santander Group and we seek to achieve maximum efficiency for the Group and for external clients, through the management of purchasing processes.
Our ultimate and main objective is to maximize savings for our clients, offering our expertise in purchasing in various expense categories in the 12 countries where we have a presence.
In addition, our capabilities allow us to offer other value-added services such as 360º supplier management and contract management.
We are a strategic partner to our customers and suppliers, creating long-term relationships with them and helping them to achieve greater efficiency in their day-to-day operations.
Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture, and disability.
Our mission is to contribute to help more people and businesses prosper.
WHAT YOU WILL BE DOING As a Vendor Risk Analyst - Cybersecurity & Business Continuity, you will be a member of our Spanish VRAC team based in Boadilla de Monte.
You will be responsible for certifying and managing Vendors regarding IT/Cyber and Contingency risks.
We need someone like you to help us in different fronts:
Review and challenge of inherent risk scoring of critical services.Certificate critical services/vendors, establish and monitor remediation plans and issue a residual risk rating.Report and collaborate with CISO and Business Continuity team regarding risk assessment results, continuous improvement of risk methodology, etc.Periodic reporting to local Cost/Risk areas and respective committees.When required: on-site assessments, due diligence, to assess and test vendor's security controls.EXPERIENCE - 3+ years work experience in Cybersecurity / IT Risk / IT audit areas.
EDUCATION - Bachelors or Equivalent in Computer Science, Telecommunications engineering or similar.
- Cybersecurity / IT Risk / Audit industry certifications (such as CISA, ISO/IEC 27001, CompTIA Security+, CISP, SSCP, CSX Cybersecurity Fundamentals, etc.
)
SKILLS & KNOWLEDGE - Knowledge of information technology and security certifications and frameworks such as ISAE 3000 (SOC 2), NIST CSF, ISO 27001, ISO 22301, COBIT.
- Knowledge of IT Audit practices, IT Risk Management, Business Continuity Management, Vulnerability Management, Security testing methodologies (OWASP, OSSTMM, etc.
).
- Communication and oral expression in English and Spanish.
OTHER INFORMATION - A highly competent bilingual English level is a must.
#J-18808-Ljbffr