Job Summary: Technology Risk Analyst responsible for identifying, measuring, and managing IT risks, ensuring system availability and strategic alignment. Key Highlights: 1. Participation in digital transformation projects and public cloud migration 2. Definition and updating of risk management policies and procedures 3. Being part of the most innovative bank in Western Europe BARCELONA, B, ES, 08028 CaixaBank is a financial group with a socially responsible universal banking model focused on long-term vision, built on quality, proximity, and specialization, offering a tailored value proposition of products and services for each segment, embracing innovation as a strategic challenge and a distinctive feature of its culture, and whose leading position in retail banking in Spain and Portugal enables it to play a key role in contributing to sustainable economic growth. What projects do we develop? The department’s mission is to ensure the identification, measurement, assessment, management, mitigation, and reporting of CaixaBank Group’s Technology Risks, aiming to guarantee proper management of information technologies to ensure their availability through appropriate operation and maintenance, as well as adequate alignment of IT strategies with business strategic objectives. In this regard, the main areas we cover are: IT Availability, at the level of contingency solution controls, capacity, backups, and compliance with agreed service levels; Operations and Change Management, primarily from the perspective of change management, incidents and problems, obsolescence governance, application lifecycle management, inventory management, monitoring processes, and early incident detection; Governance and Strategy, in areas including license management, project management, demand management, and strategy governance. Our primary responsibilities are: Defining control objectives in the areas described above; Identifying weaknesses enabling improvement in technology control and CaixaBank Group’s risk appetite; Providing support and advisory services in defining action plans, solutions, or mitigations to be implemented to meet defined control objectives; Conducting periodic follow-up of risk assessment results and effectiveness of defined controls; Conducting periodic follow-up of Emerging Risks. This vacancy is available in Madrid or Barcelona. The projects you will undertake in this position are: * Participation as a risk specialist in cross-functional projects that may alter the entity’s risk profile (digital transformation, migration of technology to public cloud, deployment of new platforms in IaaS, PaaS, and SaaS, evolution of technology architectures, etc.). * Critical evaluation of technological change strategies pre- and post-implementation, enabling risk control and prevention mechanisms at any stage of associated deployment processes. * Identification of risk areas not covered by operational risk management owners, and identification of emerging risks enabling definition and implementation of new risk scenarios and control objectives. * Ideation / collaboration / validation of action plans to evolve technology management and control. * Definition, maintenance and/or updating of policies and procedures linked to risk management and operations models. * Interpretation, analysis, and design of regulatory and supervisory expectations (ECB and Bank of Spain) compliance in this area. * Proposal of implementation or updating of control domains, controls, or indicators to prevent or mitigate risks, based on operational needs or regulatory requirements. * Continuous analysis and control of technology risk, as well as related risks in the corporate outsourcing process. * Involvement in generating recurring reports for Senior Management, Governance Bodies, Supervisors, and Internal Audit. Minimum Requirements * University degree in engineering or sciences (computer science, telecommunications, mathematics, etc.), ideally complemented by training in economics, finance, or business. * Experience in technology risk management, either in operational management and execution of technology projects, in a risk specialist function, or within professional services. * Experience in managing the software development or infrastructure lifecycle. * Experience in managing and analyzing risks in projects developed on public cloud is valued. * Knowledge of recognized control frameworks and standards (especially ISO 27001) is valued. * Professional certifications in this field (e.g., CISA, CISM, ISO 27001, etc.) are valued. * Proficiency in office tools (Excel, PowerPoint, Word, Access). * Familiarity with banking business processes is desirable, especially customer-facing products and services delivered via electronic channels. * Fluent English, both reading comprehension and writing. Key Competencies * Ability to learn and identify key areas of concern, probability of failure, and potential impact arising from the operation and use of new technologies such as artificial intelligence, public cloud, predictive analytics, automation, and sustainable technology trends. * Results-oriented mindset and autonomy in developing projects and assigned tasks. * Teamwork generosity and ability to foster a collaborative environment. * Problem resolution and proposal of solutions (balance between reflection and speed), with focus on tangible outcomes. * Communication skills for interaction with other departments and executive reporting. * Autonomy and proactivity in assuming responsibilities. * Resilience and adaptability to changing and highly critical environments. * Experience with agile working methodologies. What do we offer? * The opportunity to join the most innovative bank in Western Europe, according to The Innovators awards by the US-based magazine Global Finance. * Onboarding program and personalized mentoring for your professional development. * Individualized learning path with access to our online platform, offering an extensive catalog of self-paced learning resources to support your continuous growth. * A comprehensive health insurance plan fully covered for you. Additionally, you will be enrolled in the Pension Plan, to which CaixaBank will contribute, planning ahead for your future. * Flexible compensation applicable to transportation, training, languages, childcare, among others. * Flexibility measures (remote work, flexible start times). * We hold the Top Employer certification, recognizing us as one of the best companies to work for. Job profile A Compliance and Control role responsible for measuring non-financial risk within its area of expertise (technology, information security, or resilience), identifying potential control weaknesses, and generating relevant information in this field to support decision-making by management and governance bodies. Competencies H BANKING REGULATORY AND COMPLIANCE FRAMEWORKS H TECHNOLOGY RISK / IT RISKS H COBIT (CONTROL OBJECTIVES FOR INFORMATION AND RELATED TECHNOLOGIES) H RISK ANALYSIS, PREVENTION, AND MANAGEMENT H PROCESS AUDITING S.1\.1 ALLIANCES – COLLABORATION AND CROSS-FUNCTIONALITY S.1\.4 ALLIANCES – COMMUNICATION H INFORMATION SECURITY MANAGEMENT S.1\.3 ALLIANCES – INFLUENCE H RISK MANAGEMENT SYSTEMS / TOOLS S.1\.2 ALLIANCES – CUSTOMER ORIENTATION S.2\.1 HUMANISM – COMMUNICATION AND EMPATHY S.2\.2 HUMANISM – LEADERSHIP AND TEAM DEVELOPMENT / SELF-LEADERSHIP H INTERNAL COMPLIANCE AND CONTROL TOOLS, SYSTEMS, AND PROCESSES H IT GOVERNANCE S.4\.1 ANTICIPATION – CHANGE ANTICIPATION AND MANAGEMENT S.3\.1 EMPOWERMENT – RESULTS FOCUS H FRAUD ANALYSIS, MANAGEMENT, AND PREVENTION S.5\.1 DIVERSITY – PROMOTING DIVERSITY H IT ARCHITECTURE H DATA PREPARATION/MOVEMENT TOOLS H REPORTING MODELS AND DEVELOPMENT