Cyber Security Analyst - SDS
Country: Spain
**WHY YOU SHOULD JOIN US**
At Santander, you can be part of one of the largest transformations the World is experiencing in the past several decades. The emergence of disruptive platforms as a business model has reshaped other industries and is poised to do the same in financial services. To do so, we are transforming our Technology function, with 500+ new hires planned for this 2020.
This change is only possible with people like you, who will help us to raise the bar. We aim to bring technologists, passionate professionals who live and breathe technology, who will be constantly seeking different ways of doing things, learn a new language every year, keep old computer parts and reuse them in strange projects around the house, continually tinker with electronic gadgets of all sorts, and be considered the geekiest person around by all their friends and family. That might be a bit of exaggeration, but you get the idea of what we are looking for.
And on top of a meaningful job, we care about you. At Santander, this means creating a workplace that respects your individuality and supports you to enjoy life outside work. You will enjoy flexible working conditions, a general well-being program, BeHealthy, and will be entitled to spend a certain number of hours each month volunteering.
**WHAT YOU WILL BE DOING**
As a **Cyber Analyst**your mission will be to support cybers security in the company, participating in the definition, execution and follow up of cyber projects, controls, and business as usual activities, helping to strengthen our defenses against internal and external threats.
We need somebody like you to help us in different fronts:
- Review Applications users modules & user lifecycle, regular recertification processes, exceptions, and approvals, in line with Santander Group policies.
- Contributing to the development, implementation, and execution of the controls: documenting and reviewing the scope and objectives associated with the Security controls.
- Supporting Internal and External Audit requests, working closely with Compliance, Audit and Risk & Control Partners to ensure actioned on a complete, accurate, and timely basis.
- Review of evidence / documents / controls to ensure required remedial action has been completed.
- Cyber technology risk management: coordinate the adoption of Cyber Framework, Cyber & Technology Risk policies and procedures ensuring that policies and procedures are compliant with regulatory requirements.
- Knowledge about Azure AD and Active Directory
- Knowledge about Network devices & security Devices like Firewall or IPS
- Spotting and addressing deficiencies between current and desired state of IAM related matters.
- Collaborate with other areas in the definition of roles and segregation of duties
- Ensuring compliance requirements and supporting audits in security controls.
- Collaborates across business units within the organization to ensure consistency in policies and procedures.
- Participating in the development and enhancement of the Methodologies and Standards including in the group policy
**WHAT WE ARE LOOKING FOR**
- Required qualifications
- Knowledge in Cyber Security in financial sector
- Support in cyber controls implementation and oversee
- Knowledge of information technology, security solutions and frameworks
- Understanding of technical and human aspects of cyber threats and security
- Ability to understand the business context and technology manage uncertainty
- Understanding of IT and Information Security solutions, processes and systems
- Strong communication skills, both written and verbal
- Strong problem solving and innovative mind-set to ensure a clear focus on the forward agenda
- Knowledge of information technology and security solutions and frameworks, such as Cyber Security Framework from NIST
- Analysis of cybersecurity events to detect and respond to threats in time. Develop continuous improvement plans that allow us to focus on the most relevant events.
- Resolution of cybersecurity incidents in a timely manner. Evaluate and improve incident response plans, as well as the development of scenarios.
- Execution of cybersecurity controls aligned with the group's strategy, seeking continuous improvement and risk mitigation.
- Manage measures to prevent data leakage.
- Support in cybersecurity event plans to detect and respond to threats in time.
- Experience
- Experience on SOX controls (implementation and/or audit).
- Azure & AD users and Policy Management
- ZT Environment - Knowledge & Overview
- Skills & Knowledge in
- Knowledge in access control implementation and monitoring.
- Knowledge of information technology and security solutions and frameworks.
- Experience as a compliance analyst, information risk specialist, or information technology auditor.
- Recommended _
- Technical skills on Access control on different technologies (eg. Unix, linux, Windows, Oracle, SQL, RACF, OS400, etc.).
-