Browse
···
Log in / Register
Job Summary: We are seeking a cybersecurity expert with deep AI knowledge to ensure the safe and controlled use of emerging technologies in complex banking environments. Key Highlights: 1. Member of the Prevent & Detect Cybersecurity team. 2. Leads AI security at an innovative bank. 3. Collaborates on the evolution of AI security controls. BARCELONA, B, ES, 08028 CaixaBank is a financial group with a socially responsible universal banking model focused on long-term vision, built on quality, proximity, and specialization. It offers a tailored value proposition of products and services for each segment, embracing innovation as a strategic challenge and a distinctive feature of its culture. Its leading position in retail banking in Spain and Portugal enables it to play a key role in contributing to sustainable economic growth. What projects do we develop? The rapid adoption of Artificial Intelligence (AI), generative AI, and autonomous agents in critical organizational processes is significantly expanding the risk surface, introducing threats not fully covered by traditional cybersecurity models. Currently, AI and cybersecurity governance—covering AI models, agents, and AI-driven decision chains—requires specific controls throughout their entire lifecycle: design, training, deployment, and real-time operation. In this context, it is essential to identify and onboard a specialized profile in AI and agent security, possessing deep expertise in both classical cybersecurity and emerging AI-specific risks, to ensure safe, controlled, and regulation-compliant AI usage. Job Location This position is based at CaixaBank’s Central Services in Barcelona. Candidate Profile: Must be able to integrate into the Cybersecurity Prevent \& Detect team, adapting defined processes and controls to AI environments while aligning them with other domains (Prevention, Detection, Response). Responsibilities * Define and evolve security controls specifically for AI models and agents. * Assess risks associated with new AI and agent use cases prior to deployment. * Design technical and operational guardrails for the use of generative AI and autonomous agents. * Collaborate with AI governance, technology risk, CSIRT, and CyberSOC teams. * Ensure runtime security for AI applications and agents. * Contribute to internal frameworks for AI pentesting and AI security evaluation. Minimum Requirements * Solid experience in cybersecurity, with focus on complex and critical corporate environments (banking, regulated sectors, or large enterprises). * Specific knowledge of AI-related security risks—including generative AI and autonomous agents—beyond traditional cybersecurity. * Ability to assess risks related to AI models, agents, and components across their full lifecycle (design, training, deployment, operation). * Experience protecting sensitive data in AI environments where AI consumes or generates critical information, ensuring no exposure and controlled usage. * Knowledge of AI-specific threats such as prompt injection and input/output manipulation. * Data exfiltration via models or agents. * Abuse of autonomous agents and AI-driven decision chains. * Experience in runtime security for AI applications, models, and agents—including continuous monitoring and detection of anomalous behavior. * Ability to define and implement technical and operational guardrails for generative AI and agent usage (action limits, access controls, validations). * Knowledge of cloud architectures and hybrid environments where AI models and agents operate (AWS, Azure, GCP, Salesforce), and their security implications. * Experience with AI security evaluation and testing frameworks—including generative AI pentesting and review of prompts and agent workflows. * Ability to work cross-functionally. * Orientation toward enabling secure AI usage—avoiding purely restrictive approaches that hinder innovation. * Critical thinking and risk awareness applied to emerging technologies. * Ability to clearly communicate complex AI risks to non-technical stakeholders and governance bodies. * Continuous improvement mindset, given the rapid evolution of AI threats and technologies. * Autonomy and technical leadership to define standards and criteria in an emerging domain. What We Offer? * Join the most innovative bank in Western Europe, according to The Innovators awards by the U.S. magazine Global Finance. * Personalized onboarding and mentoring program for your professional development. * Individual learning path with access to our online platform, offering an extensive catalog of self-paced learning resources to foster your continuous growth. * Comprehensive health insurance fully covered at no cost to you. Additionally, you will be enrolled in the Pension Plan, to which CaixaBank will contribute—thinking ahead to your future. * Flexible compensation applicable to transportation, training, languages, childcare, among others. * Flexibility measures (remote work, flexible start times). * Certified Top Employer, recognized as one of the best companies to work for. Job profile Establish, implement, and monitor security policies to anticipate, identify, and mitigate emerging security risks across the organization—including operational security and fraud arising from banking activities—as well as cybersecurity risks stemming from new internet-based threats. Competencies **HARD SKILLS** CONFLICT, THREAT AND VULNERABILITY MANAGEMENT SECURITY PLATFORMS SECURITY ARCHITECTURE TECHNICAL DOCUMENTATION APPLICATION SECURITY CLOUD AND INFRASTRUCTURE SECURITY INFORMATION SECURITY TECHNOLOGIES CYBERSECURITY PROCEDURES NETWORKS AND SECURITY SECURITY PLATFORM MANAGEMENT AND MONITORING**SOFT SKILLS** ALLIANCES – COLLABORATION AND CROSS-FUNCTIONALITY ALLIANCES – COMMUNICATION ALLIANCES – INFLUENCE ALLIANCES – CUSTOMER ORIENTATION HUMANISM – COMMUNICATION AND EMPATHY HUMANISM – LEADERSHIP AND TEAM DEVELOPMENT / SELF-LEADERSHIP ANTICIPATION – ANTICIPATION AND CHANGE MANAGEMENT EMPOWERMENT – RESULTS ORIENTATION DIVERSITY – PROMOTING DIVERSITY
