About the Role
This exciting opportunity is for an accomplished Vendor Risk Specialist to join our European team, based in Portugal (Lisbon).
As a key member of our team, you will be responsible for certifying and managing vendors regarding Cyber and Contingency risks.
The main activities you will undertake include:
- Review and challenge of inherent risk scoring of critical services.
- Certification of critical services / vendors, establishment and monitoring of remediation plans, and issuance of a residual risk rating.
- Reporting and collaboration with local CISO team regarding risk assessment results, continuous improvement of risk methodology, etc.
- Periodic reporting to local Cost / Risk areas and respective committees.
Your Skills & Qualifications
We are looking for someone with proven experience in Security Governance and Risk Management, alongside a solid education in Cybersecurity and Information Technology.
The ideal candidate will have:
- Years of experience working in Cybersecurity / IT Risk / IT audit.
- Knowledge of information technology and security certifications, standards and frameworks such as ISAE | SOC, NIST CSF, ISO/IEC, COBIT...
- Knowledge of IT Audit practices, IT Risk Management, Vulnerability Management, Security testing methodologies (OWASP, OSSTMM...).
- Fluent communication and oral expression in Portuguese and English; Spanish desirable.
What We Offer
We are committed to supporting your career growth and development, providing you with the knowledge and tools to become a 'Risk Pro'.
We promote a culture of personal responsibility for identifying, assessing, managing and reporting any risks to the bank arising from the performance of our duties.
At our organization, we value diversity and inclusivity, and strive to create a work environment that fosters collaboration and innovation.