Logo of Huzzle

Home

Matches

Explore

Manage

Chief Information Security Officer (CISO) - PagoNxt

image

Santander

Jan 8

  • Job
    Full-time
    Expert Level
  • IT & Cybersecurity
    Business, Operations & Strategy
  • Madrid
  • Quick Apply

AI generated summary

  • You need senior leadership experience in risk management, a tech-related degree, strong communication skills, project management ability, and knowledge of cybersecurity frameworks and regulations.
  • You will lead cyber security strategy, oversee information security, manage risks, ensure compliance, coordinate incident responses, and communicate with stakeholders to align objectives.

Requirements

  • Demonstrated experience and success in senior leadership roles in risk management, information security, or IT Security
  • Degree in business administration or a technology-related field such in science or engineering.
  • Desired, but not required:
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.
  • Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment.
  • Knowledge and understanding of relevant legal and regulatory requirements regarding Cybersecurity.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
  • Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies.
  • Up-to-date knowledge of methodologies and trends in both business and IT.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
  • Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization.
  • Ability to lead and motivate the information security team to achieve tactical and strategic goals.
  • Excellent stakeholder management skills.
  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
  • Project management skills: financial/budget management, scheduling and resource management.
  • A master of influencing decisions when achieving a desirable outcome is vital.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.
  • High degree of initiative, dependability and ability to work with little supervision while being resilient to change.
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
  • Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
  • A critical thinker, with strong problem-solving skills.
  • Strong problem-solving and trouble-shooting skills.
  • Self-motivated and possessing of a high sense of urgency and personal integrity.

Responsibilities

  • Lead the Organization
  • Set and supervise correct implementation for PagoNxt cyber security strategy in line with Santander Group’s Cyber Security Corporate Framework and Strategy, PagoNxt regulatory requirements and business needs.
  • Leads the information security function across PagoNxt company to ensure consistent and high-quality information security management in support of the business goals.
  • Ensure alignment of objectives and priorities for Pagonxt subsidiaries’ CISOs
  • Oversee the budget for the information security function, monitoring and reporting.
  • Implement the Strategy
  • Implements the information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives, and ensures senior stakeholder buy-in and mandate.
  • Support and enable adoption of Santander global defenses across systems and information of PagoNxt.
  • Implements and oversees a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the organization.
  • Works effectively with business units to facilitate information security risk assessment and risk management processes.
  • Build the Network and Communicate the Vision
  • Creates the necessary internal networks among the information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required.
  • Operate the Function
  • Drive implementation of Santander Group´s cyber security minimum requirements, policies and regulatory requirements in PagoNxt.
  • Implements a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
  • Facilitates the processes for information security risk and for legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.
  • Ensures that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.
  • Manages and coordinates under the Global Respond instructions the information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation.
  • Works with the Global Respond team to monitor the external threat environment for emerging threats, and advises relevant stakeholders on the appropriate courses of action.
  • Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas.
  • Establish Governance and Build Knowledge
  • Set up a CISO governance model to ensure adequeate alignment and oversight of subsidiaries’ CISOs book of work.
  • Provides regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders as part of a strategic enterprise risk management program, thus supporting business outcomes.
  • Develops, socializes and coordinates implementation of security policies.
  • Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.
  • Provides clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.

FAQs

What is the job title for this position?

The job title is Chief Information Security Officer (CISO) for PagoNxt.

Where is the job located?

The job is based in Boadilla del Monte, Madrid, Spain.

What company is offering this position?

The position is offered by Santander.

What is the mission of Santander as mentioned in the job description?

The mission of Santander is to contribute to helping more people and businesses prosper.

What are the main responsibilities of the CISO for PagoNxt?

The main responsibilities include coordinating cyber risk management activities, implementing cyber strategy, overseeing information security functions, and ensuring compliance with regulatory requirements.

To whom does the CISO for PagoNxt report?

The CISO reports hierarchically to the T&O of PagoNxt with a functional reporting line to the Global CISO.

What qualifications are required for this role?

A degree in business administration or a technology-related field, along with demonstrated experience in senior leadership roles in risk management or information security.

Are any certifications preferred for this position?

Yes, certifications such as CISSP, CISM, CISA, or CRISC are preferred but not required.

What skills are important for the Chief Information Security Officer?

Important skills include excellent communication, strategic leadership, stakeholder management, project management, and strong analytical abilities.

Is experience with cybersecurity frameworks necessary for this role?

Yes, knowledge of cybersecurity management frameworks like ISO/IEC 27001, NIST, and others is required.

What personal characteristics are sought after in a candidate for this position?

Desired characteristics include high integrity, ability to handle confidential matters, poise under pressure, strong problem-solving skills, and self-motivation.

Is diversity valued at Santander?

Yes, Santander values diversity in backgrounds, nationality, gender, and more.

image

Santander

Here to help you prosper

Finance
Industry
10,001+
Employees
1857
Founded Year

Mission & Purpose

Santander is a leading global bank, founded in 1857 and headquartered in Spain, and is one of the largest banks in the world by market capitalisation. It provides a wide range of financial products and services, including personal and corporate banking, wealth management, and insurance. With a strong presence in Europe, Latin America, North America, and Asia, Santander's mission is to help people and businesses prosper by offering customer-centric solutions. Its purpose is to support growth and innovation while fostering responsible banking practices to benefit individuals, businesses, and communities.