SCF GS is looking for a Senior Cyber GRC Specialist, based in our Madrid office.

WHY YOU SHOULD CONSIDER THIS OPPORTUNITY

At Santander we are key players in the transformation of the financial sector. Do you want to join us?

Santander Consumer Finance focuses on business development related to consumer finance products, sales channels and commercial agreements with dealers, vehicle manufacturers or retail distribution establishments, as well as commercial functions associated with direct sales (branches, call centers or digital channels) and indirect sales (through third parties) of consumer finance products.

Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to contribute to help more people and business prosper.

WHAT YOU WILL BE DOING

As a Senior Cyber GRC Specialist you will Follow-Up of the information and plans per unit,for the correct implementation of the Corporate Normative and the cyber transformation plan.

We need someone like you to help us in different fronts:

- Coordination and dissemination of corporate guidelines and strategies to be adopted and adapted.

- Report to the general oversight function of T&O SCF Corp.

- Supervision of Cybersecurity Plans and support in the definition of countries´ budgets

- Follow-up on the correct compliance with Policies and Regulations

- Definition and tracking of KRI´s map

- Definition and follow-up of the Director Plan in Countries, in line with Corporate measures.

- Assessment and proposal of improvements.

- Homogenization / standardization of services.

- Identification and sharing of Best Practices and synergies for all Countries.

- Follow-up of the vulnerability mitigation plan.

- Ensure the implementation of Cyber Security regulations, procedures and standards.

- Best practices and lessons learnt

EXPERIENCE
- Minimum 5 years of experience in relevant fields

EDUCATION
- Computer Engineering / Computer Science or similar

SKILLS & KNOWLEDGE
- High level of English, at least, B2 + recommendation C1.
- Strong understanding of security threats and misconfigurations.
- A plus: Any cyber/network security or IT audit/risk management Certification is a plus: CISSP, CEH, ISACA (CISM/CSX/CISA) or similar.
- Understanding financial items related to the cyber budget (CAPEX/OPEX) in the different entities.
- Supervising cyber contracts from vendors and internal providers.
- Cybersecurity Risk Governance management (Holistic, RCSA, cyber metrics, golden source HERACLES, etc), achieving an alignment in the company strategy and KPIs.
- Business Continuity and Information Security Office management and supervisal.
- Follow and control management of cyber-audits and cyber recommendations.
- Maintain open communication with the Local focal point (Information Protection) of the other Consumer Countries and Cybersecurity Global.