Technology Risk, Governance & Controls Senior – Risk & Compliance; ODS

Technology Risk, Governance & Controls Senior – Risk & Compliance (ODS)
Country:
EspañaOpen Digital Services is the software development company of Santander Group powering the next generation of banks by creating innovative banking products and implementing them in collaboration with Santander Group Affiliates.

Santander Group is one of the world's largest financial institutions and the Eurozone's leader, we're committed to being the best Digital Bank with Branches in the industry.
Our mission at ODS is to design and support an advanced digital and omnichannel platform, ensuring the best customer experience using cutting-edge technology. Openbank, our flagship partner, is where we develop our most advanced concepts first. Be part of our Best-in-Class  team and help us create unique value for our customers!

Join us to tackle exciting tech challenges in an agile environment, benefiting from learning, growth, and local and international career opportunities in a modern, diverse setting.
** Mission:
** The Risk & Compliance team, from a transversal second line of defence perspective, defines and monitor technology KPIs and KRIs across countries, challenges constructively, identifies emerging risks early and supports technology teams in strengthening security, resilience and regulatory compliance.

The job has direct executive impact: this role enables informed senior-management decisions, reinforces regulatory confidence and helps scale digital products safely, consistently and sustainably across all geographies.
** Responsibilities:
** Management and monitoring of Technological and IT Risk indicators (KPIs/KRIs) across countries:
* Definition and maintenance of KPIs/KRIs.
* Ongoing monitoring of indicator performance and analysis of deviations.
* Critical review of reported information and effective challenge to teams to ensure data quality and consistency.
* Identification of control weaknesses and relevant risks.
* Escalation of alerts and support in the definition and follow-up of action plans.

Reporting to countries / subsidiaries:
* Development of periodic reports of metrics and KPIs.
* Coordination with local teams for information gathering and validation.
* Ensuring homogeneous criteria and aligned messaging at Group level.

Application management and inventory:
* Maintenance of the application inventory.
* Technical review of applications according to their classification (criticality, confidentiality, RTO, RPO, data, etc).
* Verification of compliance with required controls based on the application category (security, continuity, resilience, etc.).
* Gaps follow-up and remediation actions.

Technological

Risk management:

* Identification, assessment and monitoring of technological risks.
* Support to IT areas in the definition of mitigation plans.
* Follow-up of action plans.

Operational Risk:
* Management of IT risks within the Bank’s internal Operational Risk framework.
* Support in the identification of changes, root causes and IT-related controls.
* Coordination with Operational Risk teams.

IT control framework oversight:
* Assessment of the adequacy and effectiveness of IT controls.
* Identification of gaps and areas for improvement.
* Follow-up of action plans and supporting evidence.

Interaction with internal and external audit:
* Support in internal and external IT / technology audits.
* Follow-up of findings and action plans.

Governance and awareness:
* Support in training and awareness initiatives.
* Promotion of IT control best practices.

Continuous improvement and automation:
* Proposal of improvements to control and reporting processes.
* Use of tools to automate indicators and reporting.

Cross-functional coordination:
* Coordination with IT, Security, Continuity, Data and Risk areas.
* Alignment with regulatory and corporate requirements.
** To be successful in the role you must have:
*** At least 4 years of experience in Technology Governance, Risk and Compliance (IT / Cyber GRC) within large, regulated, and international environments.
* Strong expertise in defining, overseeing and challenging KRIs, risk metrics and dashboards, ensuring data quality, consistency and meaningful insight.
* Proven experience in senior-level…