Cibersecurity- Grc Analyst

7 meses atrás


Lisboa, Portugal Santander Tempo inteiro

Cibersecurity
- GRC Analyst

Country: Portugal

**Mission**

Set and supervise Subsidiary cyber governance in line with Global CISO Organization ensuring different teams of the Group work under a common model aligned with Santander business strategy and objectives; managing cyber security risk posture and complying with agreed internal policies and procedures and external regulations; coordinating the governance model and preparing official reporting to respective governing bodies in the entity

**MAIN DUTIES AND RESPONSABILITIES**
- Set and supervise the implementation of Subsidiary cyber strategy and objectives achievement, aligned with Group’s cyber strategy and delivery of on-demand strategic outputs to support operational teams.
- Understand, monitor and report key cybersecurity indicators in collaboration with others Subsidiary cybersecurity areas and technical teams to enable performance monitoring.
- Drive implementation of Group’s cybersecurity policies, standards and controls in the Subsidiary, in compliance with applicable laws, regulations and international standards (i.e. EBA/ECB, SOX, PCI, Swift, NIST, CIS, etc.) to manage cybersecurity emerging threats and risks trends.
- Monitor compliance of cyber regulation ((framework, policies, standards and guides) and manage non-compliances, including waivers and exceptions.
- Engage and adopt Group’s Cyber Control Framework and internal control maturity assessment process.
- Assess, manage, and report cyber security risks to the Subsidiary and to Global CISO Organization.
- Coordinate Subsidiary cyber teams to support Global GRC team in the execution of independent assessments, audits and regulatory inspections of cybersecurity controls and certifications reviews (e.g.: ISO, PCI DSS, SOX) performed by internal/external parties, and support on the remediation of recommendations.
- Ensure that Subsidiary third-parties/vendor ecosystem is properly evaluated, assessed and managed to minimize risk exposure and risk impacts to the business, aligned with Group’s cybersecurity policies and standards.

**KNOWLEDGE AND SKILLS**
- Standards, Procedures & Policies: Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to develop and implement strategy, plans, policies, standards and procedures in compliance with laws and regulations in support of organizational cyber activities.
- Cybersecurity Risk Management: Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; Ability to identify and assess the severity and potential impact of risks. Communicate risk assessment findings to risk owners in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
- Information Security Certifications and Audits: Knowledge of and the ability to utilize tools and techniques for assessing the effectiveness of information security measures, identifying potential risk exposures, and protecting the availability, confidentiality and audit trails of information from destruction or manipulation. Understanding of various risk and security certifications and attestations (SOC2, ISO 27001, etc.)
- Information Security Law and Regulations: Knowledge of domestic and international laws governing information security; ability to interpret and take action on the aspects of information security laws that impact the business (for example: Sarbanes-Oxley Act (SOX), Payment Card Industry Security [PCI] Standards, General Data Protection Regulation [GDPR])
- Industry certifications relating to security and risk management are desired
- Data Gathering and Reporting: Knowledge of tools, techniques and processes for gathering and reporting data; ability to practice them in a particular department or division of a company. Knowledge of how to leverage research and development centres, think tanks, academic research, and industry systems.
- Decision Making and Critical Thinking: Knowledge of the decision-making process and associated tools and techniques; ability to accurately analyse situations and reach productive decisions based on informed judgment.
- Effectiveness Measurement: Knowledge of effective measurement techniques and ability to measure the quality and quantity of work effort for the purpose of improvement.
- Santander cada um de nós é “Risk Pro”. Isto significa ter a responsabilidade pessoal de identificar, avaliar, gerir e reportar eventuais riscos para o banco decorrentes do desempenho das nossas funções. Vamos dar-lhe o conhecimento e as ferramentas para ser Risk Pro em todas as situações. Esta cultura de riscos é fundamental para o Santander Way, a nossa forma de trabalhar. _



  • Lisboa, Portugal Ankix Tempo inteiro

    **Oportunidade**: A Ankix é uma empresa especialista em competências tecnológicas que presta serviços nas áreas de IT Outsourcing e Consultoria / Desenvolvimento à medida. O nosso posicionamento carateriza-se pela qualidade e inovação das soluções que propomos, assim como pela dedicação e orientação para os nossos consultores & clientes, bem...


  • Lisboa, Portugal Synopsys Tempo inteiro

    51934BR - PORTUGAL - Lisbon, PORTUGAL - Porto **Job Description and Requirements** The Information Security Analyst will leverage multiple industry frameworks and regulatory standards including, but not limited to, ISO 27001, SOC 2 Type II, NIST 800-53, NIST CSF, GDPR, TISAX, SOX, etc. This person will liaise with all business groups including Finance,...


  • Lisboa, Lisboa, Portugal Defined Tempo inteiro

    About this roleAt Defined.ai, we're seeking a skilled Cybersecurity Analyst with expertise in governance, risk, and compliance (GRC) to join our team. This is an exciting opportunity to work with a leading AI company and contribute to the development of our Information Security Management System (ISMS).Responsibilities:Develop and maintain security policies,...


  • Lisboa, Portugal Inetum Tempo inteiro

    We are looking for a Continuity & Resilience Analyst - IT to join our Inetum Team and be part of a work culture focused on innovation!Location: Lisbon Responsibilities: Manage the IT Continuity and the IT Resilience of IT Assets;Maintain IT Governance Risk and Compliance (GRC) related to IT Continuity;Report, communicate and cooperate with...


  • Lisboa, Portugal Buscojobs Portugal Tempo inteiro

    MissionWe are looking for a Continuity & Resilience Analyst - IT to join our Inetum Team and be part of a work culture focused on innovation!Location: LisbonResponsibilities:Manage the IT Continuity and the IT Resilience of IT Assets;Maintain IT Governance Risk and Compliance (GRC) related to IT Continuity;Report, Communicate and cooperate with...

  • It Continuity

    3 semanas atrás


    Lisboa, Portugal Cybersecurity Tempo inteiro

    IT Continuity & Resilience Analyst @ Alenia Main Responsibilities:Manage the IT Continuity and the IT Resilience of WM IT AssetsEnsure that IT Continuity Classification for each asset is well assessed by IT owner and consistent with Business continuity needsMake sure IT Continuity plans (IC Plans) are completed and comply with Group Requirements for each IT...


  • Lisboa, Portugal Robert Walters Plc Tempo inteiro

    Our client is a global provider of advanced analytics, technology solutions, and contract research services for the healthcare industry. They are seeking a dedicated Information Security Compliance Analyst to play a pivotal role in ensuring the security and compliance of their organisation. This role offers an excellent opportunity to liaise with key...


  • Lisboa, Portugal Inetum Tempo inteiro

    Mission We are looking for a Continuity & Resilience Analyst - IT to join our Inetum Team and be part of a work culture focused on innovation! Location: Lisbon Responsibilities: Manage the IT Continuity and the IT Resilience of IT Assets; Maintain IT Governance Risk and Compliance (GRC) related to IT Continuity; Report, Communicate and cooperate with...


  • Lisboa, Lisboa, Portugal IQVIA Tempo inteiro

    At IQVIA, we are pushing the boundaries of human science and data science to make a significant impact on the life sciences industry. Our commitment to innovation and excellence has led us to create advanced analytics, technology solutions, and clinical research services that help our customers achieve their goals.The estimated annual salary for this role is...

  • IT Risk Analyst

    6 meses atrás


    Lisboa, Portugal askblue Tempo inteiro

    Do you know **AskBlue**? We were born in 2013, and we provide services in the field of information technology. We are looking for **IT Risk Analyst** to join our company in one of our projects, in **Tasks**: - IT Risk activities: - Contribute to the continuous improvement of WM GAIM IT Risk Management framework; - Produce IT risk assessment on various...


  • Lisboa, Portugal Iqvia Argentina Tempo inteiro

    JOB DESCRIPTION Role: As an Information Security Compliance Analyst, you will play a crucial role in ensuring the security and compliance of our organization. You'll be responsible for providing assurance to our external parties on the security posture of IQVIA. This role plays a significant part in our Global Information Security team and will provide an...


  • Lisboa, Portugal Dellent Tempo inteiro

    Dellent is a consulting company focused in System Information and Telecommunications. Our goal is to help our candidates and consultants to take a step forward in their careers through projects that meet their needs and expectations. In this project you will be able to contact with one of the key players in banking in the EU and around the world. Thus, you...


  • Lisboa, Portugal Buscojobs Portugal Tempo inteiro

    Dellent is a consulting company focused on System Information and Telecommunications. Our goal is to help our candidates and consultants to take a step forward in their careers through projects that meet their needs and expectations. In this project, you will be able to contact one of the key players in banking in the EU and around the world. Thus, you will...

  • Cybersecurity Expert

    4 semanas atrás


    Lisboa, Lisboa, Portugal TUI Tempo inteiro

    About TUI">TUI is the world's leading tourism group, operating in over 180 destinations worldwide.">Job Summary">We are seeking a Cybersecurity Expert to join our team, responsible for managing compliance and governance activities. This role will play a critical part in ensuring that our organization meets its strategic goals and maintains a strong...


  • Lisboa, Lisboa, Portugal Buscojobs Portugal Tempo inteiro

    Join a Global Team Dedicated to CybersecurityWe are seeking a highly skilled Cybersecurity Risk Analyst to join our team in Portugal. As a key member of our global cybersecurity team, you will play a critical role in identifying and mitigating cyber risks across various business areas.About the Role:The successful candidate will have a strong background in...


  • Lisboa, Lisboa, Portugal Dellent Tempo inteiro

    Dellent, a leading consulting company in System Information and Telecommunications, offers a unique opportunity for professionals to advance their careers through projects that cater to their needs and expectations.About DellentWe are a global player with a presence in over 50 countries, providing solutions in three key areas: investments, business...


  • Lisboa, Lisboa, Portugal TUI Tempo inteiro

    About This Role">We are seeking an experienced Senior Security Compliance Expert to join our team. In this role, you will play a key part in ensuring the effectiveness of our assurance and compliance programmes.You will have a proven track record of managing day-to-day compliance activities, including tracking and delivering actions towards regulatory...


  • Lisboa, Lisboa, Portugal Buscojobs Portugal Tempo inteiro

    Job Title: IT Continuity and Resilience AnalystWe are seeking a skilled IT Continuity and Resilience Analyst to join our team in Lisbon, Portugal. As an expert in this field, you will be responsible for managing the IT continuity and resilience of our assets, maintaining IT governance risk and compliance related to IT continuity, and reporting to...


  • Lisboa, Lisboa, Portugal ALTER SOLUTIONS Tempo inteiro

    Company OverviewAlter Solutions Portugal is an IT consultancy company that promotes digital transformation, part of the Alter Solutions Group established in 2006 in Paris.In 2022, Alter Solutions joined the act digital group, forming a global community of talent in technology with presence in twelve countries.We partner with over 120 clients and have a team...


  • Lisboa, Lisboa, Portugal Iqvia Argentina Tempo inteiro

    About Iqvia ArgentinaIqvia is a leading global provider of advanced analytics, technology solutions, and clinical research services to the life sciences industry. We believe in pushing the boundaries of human science and data science to make the biggest impact possible – to help our customers create a healthier world.Job Title: Senior Information Security...