Vendor Risk Analyst - AQUANIMACountry: SpainAQUANIMA is looking for a VENDOR RISK ANALYST, based in our BOADILLA DEL MONTE (Madrid) office.WHY YOU SHOULD CONSIDER THIS OPPORTUNITYAt Aquanima, we provide a valuable service to our customers.
We are part of the Santander Group and we seek to achieve maximum efficiency for the Group and for external clients, through the management of purchasing processes.
Our ultimate objective is to maximize savings for our clients, offering our expertise in purchasing across various expense categories in the 12 countries where we operate.
Additionally, we provide other value-added services such as 360º supplier management and contract management.We are a strategic partner to our customers and suppliers, creating long-term relationships and helping them achieve greater efficiency in their day-to-day operations.
Santander is proud to be an organization that promotes equal opportunities regardless of gender identity, culture, and disability.
Our mission is to help more people and businesses prosper.
We embrace a strong risk culture, and all professionals at all levels are expected to take a proactive and responsible approach toward risk management.WHAT YOU WILL BE DOINGAs a Vendor Risk Analyst, you will be responsible for certifying and managing Vendors regarding IT/Cyber and Contingency risks:Review and challenge the inherent risk scoring of critical services.Certify critical services/vendors, establish and monitor remediation plans, and issue a residual risk rating.Report and collaborate with local CISO and Business Continuity teams regarding risk assessment results and continuous improvement of risk methodology.Assist in periodic reporting to local Cost/Risk areas and respective committees.EXPERIENCEMinimum 2 years of work experience in Cybersecurity/IT Risk/IT audit areas.EDUCATIONBachelor's or Equivalent in Computer Science, Telecommunications Engineering, or similar.
Cybersecurity/IT Risk/Audit industry certifications (such as CISA, ISO/IEC 27001, CompTIA Security+, CISP, SSCP, CSX Cybersecurity Fundamentals, etc.)
are preferred.SKILLS KNOWLEDGEKnowledge of information technology and security certifications and frameworks such as ISAE 3000 (SOC 2), NIST CSF, ISO 27001, ISO 22301, COBIT, etc.
Knowledge of IT Audit practices, IT Risk Management, Business Continuity Management, Vulnerability Management, and Security testing methodologies (OWASP, OSSTMM, etc.
).Effective communication and excellent writing skills in English and Spanish are required.OTHER INFORMATIONA fluent English level is a must.
A problem-solving approach is essential.Languages: Spanish #J-18808-Ljbffr