Chief Information Security Officer

Chief Information Security Officer - SAM

Madrid, Spain

**WHAT YOU WILL BE DOING**

**WEALTH DIVISION / SANTANDER ASSET MANAGEMENT Spain is looking for a CISO, based in our MADRID office.**

**WHY YOU SHOULD CONSIDER THIS OPPORTUNITY**

**Santander Asset Management **is a global structure with strong local roots in Europe and Latin America. With presence in 11 countries, we have assets of more than €175 billion* working for institutional clients, individual clients, and intermediaries such as Santander banks in all geographies. Our knowledge in Latin America makes us real experts on the region, allowing us to provide you with unique opportunities to invest. Our philosophy is to manage our investments to capture maximum upside but also downside protection. We offer a comprehensive range of investment solutions, from investment funds to illiquid assets, to provide right answers to your needs.

Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to contribute to help more people and business prosper.

**WHAT YOU WILL BE DOING**

As a **CISO **, you will be responsible for the coordination of all cyber and technology risk management activities in the company; for supervising correct implementation of SAM cyber framework & strategy as a part of Santander Group’s cybersecurity framework & strategy, enabling adoption of global defenses across systems and information and leading implementation of Group minimum requirements, policy, controls and regulatory requirements.

We need someone like you to help us in different fronts:

- Coordination and management of all cyber and technology risk management activities in the company.
- Supervising correct implementation of cyber strategy in line with Group’s cybersecurity strategy
- Adoption of global defenses across systems and information and drive implementation of requirements, policies, controls and regulatory reporting.
- Assess and report cybersecurity risk to the company, perform security assessments and enforce remediation for cybersecurity risk´s and vulnerabilities in the company´s information, assets, systems, projects and third parties.
- Engage, coordinate and report cybersecurity activities and events with the relevant business areas, regulators, government agencies, partners and any other third parties.
- Support managers and business areas to drive the right security behaviours in the company.

EXPERIENCE
- 5 to 7 years auditing experience as a compliance manager, information risk specialist, or information technology auditor.
- 5 to 10 years management experience in information technology functions
- Experience in the financial/banking industry
- Experience in developing and managing high performing teams

EDUCATION
- Technical degree such in computer science, engineering or similar.
- Information security/risk management certification such as ISO27001, BS7799, ISACA, CISSP, etc.

SKILLS & KNOWLEDGE
- Excellent expertise in delivering risk and threat messages to senior audiences that drive engagement and buy-in.
- Excellent expertise in managing a diverse set of stakeholders and requirements including regulatory supervision.
- Excellent expertise in cyber policies implementation and monitoring.
- In depth knowledge of information technology and security solutions and frameworks.
- Strong leadership skills to develop and lead a high performing team of experts.
- Strong communication skills, both written and verbal, to communicate effectively across a wide range of stakeholders. Proven ability to explain security issues in clearly to a wide range of stakeholders. Ability to articulate and communicate intelligence on adversaries, campaigns and threats.
- Strong negotiating, conflict resolution, influencing and stakeholder management skills to ensure effective change management.
- Ability to work under-pressure.
- Ability to inspire engagement in people through leading by example and cultivating a culture of transparency and staff influence.
- Ability to understand the business context and technology manage uncertainty and apply
- Languages: Spanish / English**WHAT WE ARE LOOKING FOR**

EXPERIENCE

EDUCATION

COMPETENCIES

Crisis Management (Working Knowledge), Cybersecurity Risk Management (Working Knowledge), Fraud Management (Working Knowledge), Identity and Access Management (Extensive Experience), Information Security Management (Extensive Experience), Information Technology (IT) Security Policies (Extensive Experience), Knowledge of Organization (Working Knowledge), Project Management (Extensive Experience)