IT / CYBER RISK COE ANALYSTCountry: SpainIT STARTS HERE Santander () is evolving from a global, high-impact brand into a technology-driven organization, and our people are at the heart of this journey.
\n
Together, we are driving a customer-centric transformation that values bold thinking, innovation, and the courage to challenge what's possible.
\n
This is more than a strategic shift.
\n
It's a chance for driven professionals to grow, learn, and make a real difference .
\n
Our mission is to contribute to help more people and businesses prosper .
\n
We embrace a strong risk culture and all our professionals at all levels are expected to take a proactive and responsible approach toward risk management.
\n
Santander Digital Services is the team of technology and operations at Santander.
\n
We are convinced of the importance of technology that is aligned with the requirements of the business and that out work not only brings value to users, people and communities but also fosters individual creativity.
\n
Our team of over, people in countries (Spain, Portugal, Poland, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular among others) on all kinds of on-premise and cloud-based platforms.
\n
THE DIFFERENCE YOU MAKE SANTANDER DIGITAL SERVICES is looking for an IT / CYBER RISK COE ANALYST based out of Boadilla .
\n
You will be part of Digital Risk General CoE, delivering support services to entities.
\n
Independent risks and controls challenge and oversight.To succeed in this role, you will be responsible for: Review and challenge risk and control assessments resulting from CISO / CIO self-assessment.
\n
Conduct targeted reviews on global platforms, risks or projects, assessing it/cyber risk impacts and required controls from design to go-live.
\n
Monitor and challenge IT, Cyber risk metrics (KRIs).
\n
Determine and report completeness, consistency and quality of data including their sources and thresholds.
\n
Prepare and analyse monthly information risk management report.
\n
Lend support to local entities to resolve waiver requests by providing an informed opinion.
\n
Lend support to local entities for operational resilience program (DORA) activities.
\n
Prepare clear, decision-ready governance reporting for committees and working groups; escalate issues with urgency and evidence.
\n
WHAT YOU'LL BRING Our people are our greatest strength.
\n
Every individual contributes unique perspectives that make us stronger as a team and as an organization.
\n
We're enabling teams to go beyond by valuing who they are and empowering what they bring.
\n
The following requirements represent the knowledge, skills, and abilities essential for success in this role.
\n
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
\n
Professional Experience - years of experience related to IT / Cyber Security Risk Management, Cyber GRC or IT / Security Audit.
\n
(Required) Education Bachelor's in computer science, Engineering or related (Required) Professional certifications strongly valued: CISA, CISM, CRISC and /or CISSP (Required) Master's a plus.
\n
(Preferred) Languages Fluent English is mandatory (C) (Required) Hard Skills Knowledge of ICT Risk frameworks such as NIST, CIS, FFIEC, FAIR, ISO, ISO.
\n
(Required) Knowledge of Cybersecurity systems: IAM, network & firewall management, vulnerability/patch management, cloud security architecture, secure SDLC & containerization, encryption/tokenization, DLP, security logging & monitoring, incident detection & response, and offensive security understanding.
\n
(Required) Skills and strategic thinking to review risk profiles and prioritize actions.
\n
(Required) Capacity to leverage on existing information to determine independent controls assessments.
\n
(Required) Ability to support and suggest control enhancements.
\n
(Required) Soft Skills Effective communication/ Accuracy and attention to detail /Critical thinking/ Interpersonal relationships/ Problem solving/ Takes ownership/ Optimism regarding uncertainty.
\n
(Preferred) Other Information: Possibility of making occasional trips to the geographies where Banco Santander is present (e.G. Portugal, UK, Brazil or Mexico).
\n
WE VALUE YOUR IMPACT Your contribution matters, and it's recognized.
\n
You can expect a fair, competitive reward package that reflects the impact you create and the value you deliver.
\n
But we know rewards go beyond numbers.
\n
We're enable our teams to go beyond through global opportunities and broad career paths.
\n
Flexibility that works.
\n
Enjoy a hybrid working models —some days remote, some days onsite with your team—along with flexible hours.
\n
Learning for life .