WHAT YOU WILL BE DOING
As a Cyber and emerging risk Manager, in the second line of defense, you will be responsible for independent monitor of cyber security risks, oversight and challenge the first line of defense regarding the cyber security activities, as well as the emerging risks as third parties management, business continuity and any other coming from the business activity.
We need someone like you to help us in different fronts :
Ensure appropriate governance of cyber and technology risk management within the responsibilities of the 2nd line of defense.
Oversee and challenge the performance of the 1st line of defense with regard of the identification, assessment, monitoring, mitigation, and reporting of its cyber and technology, including risk assessment, KPIs and KRIs, in line with agreed risk appetites.
Provide an independent judgment in the report to the relevant committees and senior management on the risk profile of the factories and corporate center, in relation to the defense, anticipation, and response domains.
Promote the development and implementation of an environment of prudent management and control of technology and cyber risk in all the legal entities of the Group.
Lead the implementation and maintenance of a Business Continuity Management Model through its different stages : business impact analysis, contingency scenarios risk assessment, continuity plans, response and recovery procedures, internal and external communication protocols, training, and plan testing.
Supervise the management of the operational risk in arrangements with suppliers. Specifically, estimate the suppliers’ overall risk exposure, the analysis and monitoring of operational risk indicators, and control model oversight, as well as the validation of suppliers’ risk assessments and vendors’ certifications and ensure the monitoring by the 1st Line of Defense of contracts’ SLAs .
5 / 10 years of work experience in cyber security management functions (ethical hacking, forensics, vulnerability management, E-crime, Access Control ) as Auditor, Consultant, or related risk control role.
STEM) Science, Technology, Engineering or Mathematics university degree
SKILLS & KNOWLEDGE
Knowledge of frameworks and standards related to Information Security & Cyber Security risk management.
Programming skills (python and power BI).
Cyber regulatory environment for financial services.
Spanish, English mandatory. Any other, highly appreciated.
Valuable any certification on CISSP, CISM, CISA, CEH, CSSP, Lead Auditor 27000.
WHAT WE ARE LOOKING FOR
More than 5 years of relevant work
Engineering (Master Degree) - 5 years, Mathematics (Master Degree) - 5 years
Actively Collaborate (Strength), Brings Passion (Strength), Cybersecurity Risk Management, Embrace Change (Strength), Keep Promises (Strength), Show Respect (Strength), Supports People (Strength), Talk Straight (Strength), Truly Listen (Strength)