Cybersecurity engineer & technical compliance - Cybersecurity (OPENBANK)

Posted:
11/10/2024, 4:00:00 PM

Location(s):
Madrid, Community of Madrid, Spain ⋅ Community of Madrid, Spain

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Hybrid

Cybersecurity engineer & technical compliance - Cybersecurity (OPENBANK)

Country: Spain

Join Openbank, the 100% digital bank of the Santander Group, where innovation meets opportunity! With over 2 million customers across Spain, Germany, the Netherlands, Portugal, we're leading the way in digital banking. From loans and mortgages to a cutting-edge, fully automated investment platform, our products are transforming the industry.

At Openbank, we pride ourselves on simplicity, agility, and security, earning us the title of the most recommended Spanish bank among our customers. Technology is in our DNA and we are constantly developing new digital solutions and products. And we're not stopping there! At Openbank we are proud to be a bank that is gaining more and more international presence, we have just landed in the United States and we have plans to launch in Mexico.

If you're passionate about digital innovation, eager to make an impact, and ready to be part of a dynamic and forward-thinking company, then we want to hear from you! Join us and be part of our journey to redefine banking for the digital age!

Mission:

Strengthen our security posture across a hybrid environment encompassing both cloud and traditional on-premises infrastructure. In this role, you will be responsible for implementing and managing security measures to protect our data, systems, and applications. Your expertise will support the organization in mitigating security risks and ensuring compliance with industry standards across diverse technological environments.

The main responsibilities will be:

Security Architecture & Implementation:

  • Implement security strategies tailored to hybrid infrastructures, covering cloud platforms and traditional on-premises systems.
  • Deploy group and local security solutions, such as firewalls, intrusion detection systems, VPN, and network access controls for both cloud and on-premises environments.
  • Collaborate with IT, DevOps, and network teams to incorporate security hardening controls and best practices into system design and roll out.
  • Utilize SIEM (Security Information and Event Management) tools to consolidate and analyze security events in real-time from multiple sources.

Risk Assessment & Vulnerability Management:

  • Conduct regular security assessments, vulnerability scanning, and penetration testing across both cloud and on-premises infrastructures.
  • Implement policies to address identified risks, ensuring compliance with security standards such as ISO 27001, NIST, and others relevant to the hybrid environment.
  • Coordinate with internal audit teams to ensure regulatory and policy compliance, particularly in areas where cloud and on-premises systems intersect.

Cloud & On-Premises Security:

  • Configure and manage security settings and tools within cloud platforms (e.g., AWS, Azure, or Google Cloud), and apply industry-standard security practices to on-premises infrastructure.
  • Implement security controls like IAM (Identity and Access Management), encryption, and data loss prevention in both cloud and on-premises systems.
  • Manage security for virtualized environments and containerized applications, ensuring they comply with organizational policies.
  • Follow up on vulnerability, configuration, and coverage metrics and reporting about assessment coverage.
  • Monitor and verify that technology teams apply proper controls and follow security recommendations.

Requirements

  • Education: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH, AWS Certified Security) are preferred.
  • Experience: 2+ years of experience in cybersecurity, with expertise in both cloud (e.g., AWS, Azure, GCP) and on-premises security environments.
  • Strong understanding of security principles, protocols, and technologies applicable to both cloud and traditional infrastructure.
  • Proficiency with security tools for network, application, and endpoint protection, including VPN, SIEM, IDS/IPS, and firewalls.
  • Hands-on experience with cloud security configurations and traditional network security.
  • Familiarity with scripting languages (e.g., Python, PowerShell) for security automation.
  • Analytical mindset with excellent problem-solving abilities.
  • Effective communication skills and the ability to collaborate with cross-functional teams.
  • Adaptability and proactive approach to emerging cybersecurity threats.
  • Knowledge of regulatory frameworks (e.g., GDPR, HIPAA) and industry standards relevant to cloud and on-premises security.
  • Experience in securing virtualized environments, container security (e.g., Docker, Kubernetes), and hybrid network configurations.
  • Familiarity with DevSecOps practices and integration of security into CI/CD pipelines.
  • Knowledge of vulnerability assessment tools, techniques, models, and systems; ability to utilize this knowledge to identify vulnerabilities on network, operating system, mobile application, etc.
  • Knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting information security across the organization.

What do we offer?

- Joining a dynamic and agile company undergoing international expansion.

- Working in start-up mode with the support of the Santander Group.

- Competitive remuneration and attractive benefits package.

- Possibility of growth within the company and the Group.

- Collaborating on international projects in different countries.

- Excellent work environment, social clubs and frequent events.

Would you like to grow with us? Join our team!

Openbank is an equal opportunity employer. All applicants will be considered as equal without paying attention to gender identity, sexual orientation, ethnicity, religion, age, political orientation, union membership nor disability status.

We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify, and build.

The personal data you provide as well as any data generated during the selection process are confidential and will be processed by Open Bank, S.A./ Open Digital Services, S.L. with registered office at Plaza de Santa Bárbara 2, 28004 (Madrid), for the sole purpose of managing your participation in the selection processes and, where appropriate, to formalise your recruitment.  

For further information about your rights and data protection, please read the ODS/Openbank Privacy Policy applicable to this type of data processing here.

#OPENBANK

#OBTECH22