Vendor Risk Specialist Cyber & BCP - AQUANIMA LisbonAQUANIMA VRAC is looking for a VENDOR RISK SPECIALIST in CYBER & BCP based in our LISBON (Portugal) office. WHY YOU SHOULD CONSIDER THIS OPPORTUNITY At Santander (www.santander.com) we are key players in the transformation of the financial sector. Do you want to join us?
At Aquanima, we provide a valuable service to our customers. We are part of the Santander Group and we seek to achieve maximum efficiency for the Group and for external clients, through the management of purchasing processes. Our ultimate objective is to maximize savings for our clients, offering our expertise in purchasing across various expense categories in the 12 countries where we operate. Our capabilities also include value-added services such as 360º supplier management and contract management. We are a strategic partner to our customers and suppliers, creating long-term relationships and helping them achieve greater efficiency in their operations.
Santander is proud of being an organization that provides equal opportunities regardless of gender identity, culture, and disability. Our mission is to help more people and businesses prosper. We embrace a strong risk culture, and all of our professionals are expected to take a proactive and responsible approach toward risk management.
WHAT YOU WILL BE DOING As a Vendor Risk Specialist in Cybersecurity & BCP, you will be responsible for certifying and managing Vendors regarding Cyber and Contingency risks.
Review and challenge of inherent risk scoring of critical services.Certificate critical services/vendors, establish and monitor remediation plans, and issue a residual risk rating.Reporting and collaboration with local CISO and Business Continuity team regarding risk assessment results and continuous improvement of risk methodology.Periodic reporting to local Cost/Risk areas and respective committees.We need someone like you to help us in different fronts:
Reporting of VRAC activity metrics, risk assessment results, remediation plans, and presentations to local Cost/Risk areas and respective Committees.Follow up of the ongoing certification process, including remediation plans.Collaboration in third-party risk analysis processes between suppliers and risk analysts.Review and challenge of inherent risk scoring of critical services.EXPERIENCE 3-5 years of experience working in Cybersecurity / IT Risk / IT audit / Business Continuity areas.EDUCATION Degree in Business Administration and Management, Engineering or similar.SKILLS & KNOWLEDGE Knowledge of information technology and security certifications, standards, and frameworks such as ISAE 3000 | SOC 2, NIST CSF, ISO/IEC 27001, ISO 22301, COBIT.Knowledge of IT Audit practices, IT Risk Management, Business Continuity Management, Vulnerability Management, Security testing methodologies (OWASP, OSSTMM).Fluent communication and oral expression in Portuguese and English; Spanish is desirable.OTHER INFORMATION A strong candidate will manage multiple tasks simultaneously and be an enthusiastic team player.Effective communication and excellent writing skills.Capacity to work with diverse teams.Keen attention to detail and strong analytical skills are preferred.Good interpersonal skills.Problem-solving approach.If you want to know more about us, follow us on https://es.linkedin.com/company/banco-santander #LI-FB1
Our work touches 140 million lives every day. How? By always innovating, sharing our experiences, questioning how we do things, and adapting to new challenges.
As we keep reinventing ourselves for the digital age, you'll find that with us, even your smallest action will have a massive impact.
#J-18808-Ljbffr