This is Us A team of more than one thousand people sharing an idea: doing our bit in helping our clients create a better future for themselves, providing them with the tools they need to get where they want to go.   In today’s world, we know this happens because we are a fully online bank. We were born out of that idea and 20 years on, technology, simplicity and transparency continue to be the ingredients of the recipe that leaves the best taste in our mouths: being more than just a bank, someone useful in the lives of the millions of clients who have chosen us.   The way we do things also mirrors our eagerness to innovate. We are proud to be one of the very first banks to work with agile methodologies. It doesn’t ring a bell yet? No worries, we will be delighted to tell you all about it. You will find it’s one of those things you’ll want to repeat over and over.   And although we are based in Spain, we like to cross borders. We are lucky to work with international teams every day across 44 countries, composed of women and men as equal as they are diverse. Because here you are completely free to be who you want to be, love whomever you choose, and even go for pineapple as your pizza topping.   Making things happen, helping others be successful, always being one step ahead—that’s our DNA. If you look at yourself in the mirror and your reflection matches our way of being and working…we are looking forward to meeting you!     What are we looking for? In the Data Office department of ING, we provide Data Management capabilities to the Bank, ensuring we have a clear and agreed Data architecture, promoting the use of a common language and culture around the data, focusing on Data Quality for a proper use and interpretation of data and taking care of the Data privacy and how customer data is used. Our purpose is to become a data driven organization.   We are looking for a person who joins the department as a Data Protection Specialist, performing the following tasks: Coordinate the implementation of global privacy program and ensure compliance with regulations (GDPR) in a proactive way, looking for a good customer experience. Perform Data Protection key control tests in design and execution, providing enough quality evidences, identifying gaps and defining remediation actions. Design Data protection policies and procedures ensuring minimum business impact, and making them visible to the organization in an understandable way. Setup a privacy network in cooperation with other departments and provide valuable insight regarding Data Protection topics. Provide support for the Data Protection related incidents and individual rights and create smart KPIs to allow monitorization of activities in order to improve them. Execute the Data Protection Impact assessments and maintain a healthy record of processing activities. Lead a continuous compliance with the deletion and retention program, defining the strategy and ensuring its implementation. Manage dependencies, impediments and priorities of the different local streamlines, to ensure that they support and prioritize the general needs of both local and global programs. Ability to work in a local and global team, promoting orange values, influencing a global environment. Availability to attend meetings in other countries. Encourage communication between the different areas of the bank (business, technology, etc.) to ensure that data is a key asset in the bank. Lead cross teams responsible for developing new information needs defining strategy, planning and ensuring quality and sustainability of the solutions developed.   What do we offer?   Flexible schedule. What goes on at ING matters much to us. But we know that the most important things are outside the office.   Free meals. So that thinking about what to have for lunch doesn’t take up your time or your cravings.     Life and health insurance. For you and all your family (spouse/partner and children).    Free company shuttle. We take you from Madrid city center to our offices at Las Rozas (and back!).   Banking benefits. Special loan or mortgage terms after 6 months working at the bank. And benefit from our pension plan after 2 years with us. More health, more sports. Paddle tennis court and lessons available to you. Runners club with your own trainer. Clinics with professional, world-class athletes. Physiotherapy service on site.

Everis AEDE busca incluir en su plantilla varios perfiles Consultores/as de Seguridad de la información para su incorporación en nuestros proyectos de la línea de Negocio de GRC & BC en Madrid.   Buscamos perfiles que aporten entre 2 y 5 años de experiencia en labores del ámbito de los Riesgos Tecnológicos, Ciberseguridad o Seguridad de la Información.   Entre sus funciones estarán: Proyectos de consultoría GRC (Governance, Risk & Compliance). Adecuación y desarrollo de marcos normativos en el ámbito de las TIC, principalmente SGSI, ISO 27001, ISO 22301, GDPR. Análisis, evaluación y gestión de riesgos tecnológicos, ejecución de análisis de riesgos basado en metodologías reconocidas, así como la elaboración de los planes de acción y gestión de riesgos. Desarrollo e implantación de SGSI. Diagnóstico, consultoría y auditoría de seguridad, protección de los activos, continuidad de negocio y servicios TI conforme estándares internacionales COBIT, ISO 27001, ISO 22301, ITIL y normativa nacional e internacional. Diseño y elaboración de Planes directores de seguridad y Planes estratégicos. Desarrollo de Planes de Continuidad de negocio. Proyectos de gobierno de la continuidad y gestión de crisis. Desarrollo de Ciber ejercicios, etc. Proyectos de compliance, ayudando a nuestros clientes a cumplir con las regulaciones específicas nacionales e internacionales desde un punto de vista legal y tecnológico y de la información (PSD2, ENS).   Requisitos mínimos: FP de Grado Superior en Informática, Licenciado o Ingeniero (Telecomunicaciones, Informática, etc.) Nivel alto de inglés. Experiencia mínima de 2 años en empresas consultoras de ámbito internacional participando en proyectos de seguridad de la información y ciberseguridad vinculados a las líneas de trabajo mencionadas en el punto anterior. Carácter dinámico con vocación de aprendizaje continuo.   Requisitos deseables:   Experiencia en gestión de equipos. Experiencia en proyectos de estudio y realización de informes de análisis de riesgo, planes de contingencia y continuidad, protección de datos, SGSI y ENS. Experiencia en proyectos de selección y despliegue de herramientas de seguridad. Conocimiento de regulaciones que afectan a la protección de los activos de información como GDPR, PCI-DSS, PSD2, etc.) Conocimiento de estándares relevantes de la industria (COBIT, ISO27001, ENS, NIST, etc.) Certificaciones de seguridad (CISA, CISM, ISO27001, etc.)

  The European Union Agency for Cybersecurity (ENISA) is looking to draw up reserve lists of in total 75 candidates, from which at least 12 experts will be recruited immediately to start work in 2020 and potentially 6 experts with a starting date of 01.01.2021 to support the Agency’s activities in one or more of the following areas, pursuant to Chapter II of Regulation (EU) 2019/881 - Cybersecurity Act (CSA): Place of employment: Athens, Greece. Please send us your application by no later than 24 April 2020 at 15:00 CET.     What candidates is ENISA looking for? ENISA is looking for candidates that fit into one or more of the following profiles: Profile A: knowledge and experience in cybersecurity on a technical, operational or strategic level, acquired through relevant academic studies, research and/or professional experience as a manager, expert, analyst, officer or IT specialist in private or public sector. Profile B: sectorial ICT technical or ICT policy knowledge and experience, and proven professional understanding of cybersecurity issues in one or more sectors or policy fields (e.g. transport, energy, telecommunications, financial services, utilities, health, digital services, emerging technologies etc.) or in the digital economy and society, acquired through relevant academic studies, research and/or professional experience as ICT manager, ICT expert or ICT policy officer in the private or public sector. Profile C: strong background in economics, law, journalism, communication, social sciences, EU public sector, etc. with a relevant link to cybersecurity resulting in a proven insight and proven understanding and interest into cybersecurity, acquired through relevant academic studies, research and/or professional experience in EU or national private or public sector. The call for expression of interest covers function group administrators (AD) across three grades in line with the EU institutions grading system ranging from AD6 to AD8. As part of the process, the reserve list that will be formed for each grade will also be used to identify candidates for future positions. The reserve lists established will be valid until 31/12/2022.   Closing Date: 2020-04-24 15:00 CET

RISK DIVISION (NON-FINANCIAL RISK TEAM) is looking for a CONTROL MODEL, based in our HEADQUARTERS office (Boadilla del Monte).   WHY YOU SHOULD CONSIDER THIS OPPORTUNITY Would you like to be part of one of the largest transformations the World is experiencing in the past several decades? In Financial Services, consumer expectations are rising, and technological advances are enabling amazing customer experiences and new businesses not possible before. The emergence of disruptive platforms as a business model has reshaped other industries and is poised to do the same in financial services.   At Santander (www.santander.com) we embrace this change. Credit Risk, Interest Rate Risk, liquidity risk, operational risk, reputational risk… There are many types of risks, that's why it analysis and quantification is key for our purpose of being a Simple, Personal and Fair bank. Working on risks means doing it from a management perspective that contributes to the sustainable progress of people and companies. Santander is proud of being an organization where there are equal opportunities regardless of gender identity, culture and disability. Our mission is to contribute to help more people and business prosper. You can click here Why Santander to watch a short clip and learn why banking is still exciting.   WHAT YOU WILL BE DOING   As a Control Model, you will be responsible of provide independent control and oversight of effective risk management practices implementation.   We need someone like you to help us in different fronts: In close collaboration with cyber security experts, design mitigation measures ensuring a risk based approach   Monitor, track and report the status of agreed remediation actions with stakeholders   Assess and report on the adequateness of the implementation of the Santander Cyber Security Strategy and Vision.   Develop and maintain a service-based metrics process designing to measure the effectiveness of security program and risk monitoring   Provide 2LoD point of view and oversight in the 1LoD cybersecurity forums (access control, threat & vulnerability management, alignment forum, etc.) to ensure that the highest threats are detected and the appropriated mitigation actions plans are in place and these plans progress properly.   Engage with global control owners to assess key controls maturity   Aptitudes y experiencia deseadas WHAT WE ARE LOOKING FOR   EXPERIENCE Required Min 10 years of experience of Cyber Security in finance industry   EDUCATION Required   Computer Science or similar   SKILLS & KNOWLEDGE Required   Knowledge of frameworks and standards related to security and risk management. (FFIEC, FAIR, ISO27001; ISO31000, NIST)   High level of Spanish and English (minimum C1) Desired Security certifications confirming knowledge and training. (For examples: CISSP, CISA, CEH, CISM, CRISC)   WHAT WE OFFER YOU   Welcome to #TheSantanderEffect. Here, with only a small action or a simple idea, you can do great things. We offer you the advantages and the means to contribute to the progress of more than 140 million people around the world. These are the key factors that multiply the actions of all our employees:   Meaningful Impact - Where the effect of your work makes a difference and helps people to prosper   Personal and Professional Growth - The chance to develop through world-class training, challenging work, and different roles   Respect - Be part of an organization that cares – about its people, its wider community, and the environment   Co-worker quality - Work with inspiring professionals who are leaders in their field   Global stability - Work for a solid global organization that has successfully reinvented itself many times in its 160- year history.

En ECB Engineering Firm nos dedicamos a la búsqueda, identificación y selección de profesionales altamente cualificados, especializada en perfiles técnicos en medios y altos cargos para la industria de la Ingeniería y la Tecnología. Somos una multinacional con presencia en diferentes países del mundo con capacidad para la gestión de proyectos en los 5 continentes.   Estamos buscando un perfil de Consultor de Ciberseguridad con ganas de crecer con nosotros, encargándose de la prestación de servicios de asesoría de Ciberseguridad para nuestros clientes, tanto a nivel nacional como internacional. La persona seleccionada será responsable del diseño de los servicios, identificación de las necesidades de los clientes y creación de planes de acción concretos para alcanzar los objetivos establecidos.   Buscamos una persona proactiva con motivación de crecimiento y orientación a la gestión de equipos, teniendo la oportunidad de construir desde cero un área especializada.   ¿Qué necesitamos? Conocimiento en normativa de Seguridad de la Información (ISO 27001). Experiencia en Auditoría de Seguridad. Conocimientos en herramientas de Hacking Ético. Experiencia de al menos un año en rol similar. Valorable disponer de conocimientos/experiencia en Transformación Digital (conceptos como Indicador de Madurez Digital - IMD). Valorable disponer de conocimientos en eMarisma. Nivel de inglés avanzado.   ¿Qué ofrecemos? Integración en una estructura joven, dinámica y horizontal de trabajo. Posibilidad de colaborar en proyectos de impacto nacional e internacional. Trabajo por objetivos, con horario de entrada y salida flexible.