Risk Technology Risk & Cybersecurity Specialist III

Risk Technology Risk & Cybersecurity Specialist III

Country: Spain

IT STARTS HERE

Santander ( www.santander.com ) is evolving from a global, high-impact brand into a technology-driven organization , and our people are at the heart of this journey. Together , we are driving a customer-centric transformation that values bold thinking, innovation , and the courage to challenge what’s possible.

This is more than a strategic shift. It’s a chance for driven professionals to grow, learn, and make a real difference .

Our mission is to contribute to help more people and businesses prosper . We embrace a strong risk culture and all our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

Santander Corporate & Investment Banking (Santander CIB) is Santander's global division that supports some of the world's most complex and sophisticated corporate and institutional clients, offering customized services and value-added wholesale products to best meet their needs.

THE DIFFERENCE YOU MAKE

SCIB s looking for a Senior Analyst — Cybersecurity Risk (2LoD) based out of Boadilla (Madrid)

We’re shaping the way we work through innovation, cutting-edge technology, collaboration and the freedom to explore new ideas. To succeed in this role, you will be responsible for:

Lead 2LoD review & challenge of cybersecurity risk assessments, control evaluations, risk metrics, mitigation plans and risk acceptances; synthesize into clear risk opinions for senior stakeholders.
Run targeted risk reviews of priority domains (e.g., IAM, network/firewall, vulnerability & patch management, cloud security, AppSec/containers, encryption/tokenization, DLP, logging/monitoring, incident response/SOC); track remediation to closure.
Provide independent oversight on digital transformation and business change, assessing cyber risk impacts and required controls from design to go-live.
Strengthen third-party/critical services risk management: certify services/vendors, challenge inherent risk scoring, assign residual risk ratings, and monitor remediation.
Analyze cyber risk data (incidents—internal/external, KRIs, control gaps, risk register) to identify patterns, concentrations, and emerging hotspots.
Evolve and transpose policies/frameworks to steer safe technology adoption; align to industry standards.
Prepare clear, decision-ready governance reporting for committees and working groups; escalate issues with urgency and evidence.

WHAT YOU’LL BRING

Our people are our greatest strength. Every individual contributes unique perspectives that make us stronger as a team and as an organization. We’re enabling teams to go beyond by valuing who they are and empowering what they bring.

The following requirements represent the knowledge, skills, and abilities essential for success in this role. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Professional Experience

~5–8 years in cybersecurity risk, technology risk, cyber audit or 2LoD/3LoD roles in financial services or other highly regulated environments. (Required)

Education

Bachelor’s in Computer Science, Engineering or related (Required)
Master’s a plus. (Prefered)
Professional certifications strongly valued: CISA, CISM, CRISC, CISSP; plus cloud security (AWS/Azure/GCP). (Required)

Languages

Fluent English (Required)

Technical expertise (you don’t need all, but you know many)

IAM, network & firewall management, vulnerability/patch management, cloud security architecture, secure SDLC & containerization, encryption/tokenization, DLP, security logging & monitoring, incident detection & response, and offensive security understanding.

Frameworks & practices

NIST CSF, ISO 27001/22301, COBIT, SOC 2/ISAE 3000, OWASP; proven experience executing cyber risk oversight programs in 2LoD/3LoD.

How you work

Strong risk judgment and documentation quality; ability to coordinate across teams, influence constructively, and drive issues to closure in a matrixed, international setting.

What’s in it for you

Real impact on the cyber resilience of a global bank.
International exposure and complex, high-stakes projects within SCIB.
Access to training and certifications; inclusive culture with strong risk ownership .

WE VALUE YOUR IMPACT

Your contribution matters , and it’s recognized. You can expect a fair, competitive reward package that reflects the impact you create and the value you deliver. But we know rewards go beyond numbers.

We’re enable our teams to go beyond through global opportunities and broad career paths.
Flexibility that works. Enjoy a hybrid working models —some days remote, some days onsite with your team—along with flexible hours.
Learning for life . Access hundreds of courses on our platforms, including exclusive access to our global learning space: Santander Open Academy (www.santanderopenacademy.com)
Competitive rewards. Receive a highly competitive salary with performance-based bonuses, motivating you to keep growing with us.
Financial advantages. Benefit from preferential banking terms, special interest rates on loans, life insurance, and more.
Your health is our priority. Through BeHealthy, our global wellness programme, we promote Holistic wellbeing.
We know family is everything . That’s why we offer childcare support and family-friendly programmes tailored to each life stage.
Always by your side. Get access to Santander Contigo , our program for employees and their families offering legal, emotional, and administrative advisory services.
Extra benefits . Gym/WellHub membership, medical centers in some of our facilities, meal subsidy, parking, shuttle service from various points in Madrid, as well as exclusive discounts and offers for Santander employees. And that’s only the beginning—we’ll tell you more when you join!

We’re here to keep you motivated , help you reach your goals, and celebrate your progress, every step of the way.

LOCAL COMPLIANCE

Santander is proud of being an organization where there are equal opportunities regardless of age, gender, disability, civil status, race, religion or sexual orientation. We are committed to providing an inclusive and accessible application process for all candidates.

WHAT TO DO NEXT

If this sounds like a role you are interested in, then please apply.

READY TO TAKE THE NEXT STEP IN YOUR JOURNEY?

#SCIB