**Reference:** 36813 **Location:** Spain \> Barcelona \> Sabadell/Madrid **Organizational Levels:** 00819064 \- Operations and Technology \> 00819796 \- Technology \> 00818822 \- Information Security \> 00815900 \- Cybersecurity \> 00814440 \- Cyber Protection **Possibility of multi-location:** Yes (1\) **Remember to update your professional profile before submitting your application** **What are we looking for?** -------------------------- From the Cyber Protection Unit, we are seeking a **Cybersecurity Professional** with energy, passion, and the desire to take on a new professional challenge in the fascinating world of cybersecurity. **Let's talk about the project...** ---------------------------- **Mission and Activities of the Unit** The information systems security unit's main objective is to ensure comprehensive protection of the organization's digital assets against potential threats and risks. This is achieved through the implementation of policies, strategies, and preventive measures that allow mitigation of vulnerabilities, detection of security incidents, and assurance of compliance with established standards and regulations. * Define and implement the strategy for managing information systems security. * Carry out and support other areas in the identification, analysis, and assessment of risks related to Information Systems Security. * Monitor information systems security incidents by tracking general business trends, technological developments, new threats/vulnerabilities, and solutions. * Verify the correct deployment and implementation of the principles and critical management parameters established in the security policy, as well as the development and application of related procedures. * Report to Management on the adequacy and effectiveness of the information systems security environment. **Responsibilities and Functions** --------------------------------- * Definition and deployment of information systems protection capabilities. * Definition and deployment of information systems access management capabilities. * Analysis of occurred security incidents and derived improvement actions. * Definition and monitoring of IT Security Project Plans. Monitoring of Security Weakness Remediation Plans and audit recommendations related to information systems protection. * Leadership of security review activities: vulnerability scans, penetration tests, specific reviews, privilege recertification, etc. * Evaluation, analysis, and verification of the correct deployment and implementation of security tools and configurations, as well as the development and application of related procedures. * IT Security reporting, obtaining risk indicators and relevant metrics for the protection of information systems. **What do we value in your application?** ------------------------------------- * University degree, with solid knowledge in information security and technological risks. * Certifications such as CISA, CISM, CISSP or equivalent will be an advantage. * Minimum of 3 years of experience in security within the banking sector, preferably in consulting or large companies. * Understanding of the capabilities and best security practices provided by major protection tools: Antimalware, DLP, Proxy, Firewall, SIEM, vulnerability detection and management, breach and attack simulation, etc. *Banco Sabadell is committed to fostering work environments where individuals are treated with respect and dignity, promoting the professional development of its workforce and ensuring equal opportunities in recruitment, training, and career advancement. We offer a workplace free from any discrimination based on gender, age, sexual orientation, religion, ethnicity, or any other personal or social circumstances.* *Banco Sabadell is part of the network of companies awarded the "Equality in the Workplace" distinction by the Ministry of Equality.* Note: This vacancy is an internal opportunity aimed exclusively at employees under the Banking Agreement; therefore, only applications from this group will be accepted. (1\) Multi-location: refers to the job location and includes the possibility of working from any point within the network of offices or corporate centers, regardless of the physical location associated with your position, while respecting telework guidelines. **Remember to update your professional profile before submitting your application** Contact the Office for Attention and Listening (OAE) for any inquiries.