Cybersecurity Vendor Risk Specialist - AQUANIMACountry: SpainAQUANIMA VRAC is looking for a CYBERSECURITY & BUSINESS CONTINUITY VENDOR RISK SPECIALIST based in our BOADILLA DEL MONTE (Madrid) YOU SHOULD CONSIDER THIS OPPORTUNITYAt Santander ( we are key players in the transformation of the financial sector.Do you want to join us?At Aquanima we provide a valuable service to our customers.We are part of the Santander Group and we seek to achieve maximum efficiency for the Group and for external clients, through the management of purchasing processes.As our ultimate and main objective is to maximize savings for our clients, we offer our expertise in purchasing in various expense categories in the 12 countries where we have a presence.In addition, our capabilities allow us to offer other value-added services such as 360º supplier management and contract management.We are a strategic partner to our customers and suppliers, creating long-term relationships with them and helping them to achieve greater efficiency in their day-to-day operations.Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability.Our mission is to contribute to help more people and business prosper.We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk YOU WILL BE DOINGAs a Cybersecurity & Business Continuity Vendor Risk Specialist, you will:Certificate critical services / vendors, establish and monitor remediation plans and issue a residual risk and challenge of inherent risk scoring of critical services.Reporting and collaboration with CISO and Business Continuity teams regarding risk assessment support the key account management for providing vendor risk service in Santander Group.Periodic reporting to local Cost / Risk areas and respective committees.EXPERIENCEMinimum 3 years work experience in Cybersecurity / IT Risk / IT audit areas.EDUCATION[Bachelors or Equivalent in Computer Science, Telecommunications engineering or similar - Cybersecurity / IT Risk / Audit industry certifications (such as CISA, ISO/IEC 27001, CompTIA Security+, CISP, SSCP, CSX Cybersecurity Fundamentals, & KNOWLEDGEKnowledge of information technology and security certifications and frameworks such as ISAE 3000 (SOC 2), NIST CSF, ISO 27001, ISO 22301, COBIT...Knowledge of IT Audit practices, IT Risk Management, Business Continuity Management, Vulnerability Management, Security testing methodologies (OWASP, OSSTMM...).Communication and oral expression fluent in English and INFORMATIONA candidate will also be able to manage multiple tasks simultaneously, and an enthusiastic team player.Effective communication and excellent writing attention to details and analytics skills are you want to know more about us, follow us on our website
