Logo of Huzzle

Cybersecurity Risk Expert - Risk Divison

image

Santander

5d ago

  • Job
    Full-time
    Expert Level
  • Data
    IT & Cybersecurity
  • Madrid
  • Quick Apply

AI generated summary

  • You need 10+ years in Cyber, GRC/Audit experience, a STEM degree, proficiency in Spanish/English, familiarity with NIST/ISO, and strong interpersonal skills. Certifications are a plus.
  • You will assess and oversee cyber risk practices, engage with local teams, support regulatory exercises, monitor control effectiveness, and report on incidents.

Requirements

  • +10 years experience in Cyber with previous experience in GRC, 2LOD or Audit.
  • Experience dealing with Internal/External auditors.
  • Degree in Engineering or comparable quantitative subject.
  • Relevant academic qualifications in STEM (Science, Technology, Engineering or Mathematics university degree).
  • Proficiency Spanish and English level is a must.
  • Experience using NIST, ISO, or other similar industry frameworks.
  • Information security certifications are a plus (CISSP, CEH, CRISC , CCSP, CRISC, CISM, CISA,…)
  • Excellent interpersonal, leadership and relationship-building skills.

Responsibilities

  • As Cyber Security Risk Manager, you will support the development, execution of the Global 2LoD Cyber Security Risk function.
  • Cyber 2LoD team will provide independent assessment, challenge and oversight of the cyber risk practices carried out by the first line of defense.
  • We must ensure that cyber risk is managed in accordance with the risk appetite defined by senior management and promote a strong risk culture through the organization.
  • Engage with local 2LOD to ensure alignment and common methodologies.
  • Support regulatory exercises. (SREP ITRQ, Cyber Stress Test, DORA TLPT,…)
  • Follow-up regulatory findings (OSI, horizontal reviews,…).
  • Lead deep-dive exercises for Cyber-related topics.
  • Support Cyber Incident regulatory reporting.
  • Support Holistic and continuously monitor control effectiveness and risk mitigation.

FAQs

What is the job title for this position?

The job title is Cybersecurity Risk Expert - Risk Division.

Where is this position based?

This position is based in Boadilla del Monte, Madrid, Spain.

What type of experience is required for this role?

A minimum of 10 years of experience in Cybersecurity, with previous experience in Governance, Risk, and Compliance (GRC), Second Line of Defense (2LOD), or Audit is required.

What educational background do candidates need for this position?

Candidates should have relevant academic qualifications in STEM (Science, Technology, Engineering, or Mathematics) with a university degree.

What languages are required for the role?

Proficiency in both Spanish and English is required.

Which industry frameworks should candidates be familiar with?

Experience using NIST, ISO, or other similar industry frameworks is essential.

Are there any preferred certifications for this position?

Yes, information security certifications such as CISSP, CEH, CRISC, CCSP, CISM, or CISA are preferred.

What are some key responsibilities of the Cyber Security Risk Manager?

Key responsibilities include engaging with local 2LOD, supporting regulatory exercises, leading deep-dive exercises for cyber-related topics, and monitoring control effectiveness and risk mitigation.

Will the successful candidate have to interact with auditors?

Yes, the candidate will need to deal with both internal and external auditors.

How does this role contribute to the bank's overall mission?

This role supports the sustainable progress of people and businesses by managing cyber risk in accordance with the defined risk appetite and promoting a strong risk culture throughout the organization.

Here to help you prosper

Finance
Industry
10,001+
Employees
1857
Founded Year

Mission & Purpose

Santander is a leading global bank, founded in 1857 and headquartered in Spain, and is one of the largest banks in the world by market capitalisation. It provides a wide range of financial products and services, including personal and corporate banking, wealth management, and insurance. With a strong presence in Europe, Latin America, North America, and Asia, Santander's mission is to help people and businesses prosper by offering customer-centric solutions. Its purpose is to support growth and innovation while fostering responsible banking practices to benefit individuals, businesses, and communities.