BME - Bolsas y Mercados Españoles - drives the transformation of financial markets and belongs to SIX, the third largest exchange group in Europe.
What sets us apart drives us ahead: between local roots and global relevance, we are a unique blend of tradition and future, of foundation and growth. We value bright minds and inspire them to grow with their ideas. Come and shape the future of finance with us.
Senior IT & Security Risk Officer
Madrid | Working from home up to 40% | Reference 7584
We are an international team, working in Spain and Switzerland. To fulfill our duties, we are seeking a highly skilled and experienced Senior IT & Security Risk Officer to join our team in Madrid. As the 2nd Line of Defense within SIX, Corporate Security is responsible company-wide for the design, maintenance and control of all Integral Security Risk guidelines and requirements (including Business Continuity Management, Physical Security as well as IT & Security risks for third parties). Additionally, we are responsible for the monitoring and independent assessment of IT and security specific key controls. We also support the implementation of various contractual, regulatory and legal security requirements (e.g. SWIFT, Internal Control System (ICS), PCI-DSS).
Does it sound interesting for you? Don't hesitate and apply now with your CV in English.
What You Will Do
- Act as the CRO contact for Integral Security-related risks, ensuring comprehensive risk management practices
- Collaborate with various stakeholders to identify, assess, and mitigate Integral Security risks
- Oversee the implementation of Integral Security risk measures and regular reporting to senior management
- Conduct regular assessments and spot checks to ensure the effectiveness of IT controls
- Conduct Independent Project Risk Assessments by evaluating project dimensions such as Scope, Time, Cost, Benefit realization, Resources, Risk, and Organization to ensure project objectives are met
What You Bring
- Bachelor’s degree in Information Technology, Computer Science, or a related field
- +5 years of experience in IT risk management, ICS / IT controls, security policy management and audit or compliance within the financial services industry
- Strong understanding of IT processes, operations, and architectures
- Strong communication skills, both written and verbal, in English; Spanish or German is a plus
- Relevant certifications such as CRISC, CISM, CISSP, or CISA are highly desirable. Knowledge of COBIT, PCI-DSS, ISO/IEC 2700x, ISAE3402, ISF Standard of Good Practice is an advantage
If you have any questions, check out our FAQ page or call Sara Perez de la Cuesta at +34 91 709 56 80.
For this vacancy we only accept direct applications in English.
Diversity is important to us. Therefore, we are looking to receiving applications regardless of any personal background.
What We Offer
Flexible Work Models
We trust our employees and offer a work environment that is well-balanced, productive and fosters success.
Personal Development
You will benefit from a culture of continuous learning and feedback. Your personal growth is supported through an extensive learning offering.
Agile Working Methods
Whether through scrum or design thinking,
we solve exciting tasks together in teams.