Incident Response & Attack Surface Manager (CERT & CTU) - Cybersecurity (OPENBANK)

Incident Response & Attack Surface Manager (CERT & CTU) - Cybersecurity (OPENBANK)

Country: Spain

Join Openbank, the 100% digital bank of the Santander Group, where innovation meets opportunity! With over 2 million customers across Spain, Germany, the Netherlands, Portugal, we're leading the way in digital banking. From loans and mortgages to a cutting-edge, fully automated investment platform, our products are transforming the industry.

At Openbank, we pride ourselves on simplicity, agility, and security, earning us the title of the most recommended Spanish bank among our customers. Technology is in our DNA and we are constantly developing new digital solutions and products. And we're not stopping there! At Openbank we are proud to be a bank that is gaining more and more international presence, we have just landed in the United States and we have plans to launch in Mexico.

If you're passionate about digital innovation, eager to make an impact, and ready to be part of a dynamic and forward-thinking company, then we want to hear from you! Join us and be part of our journey to redefine banking for the digital age!

Mission and responsibilities:

Manage complex cyber security incidents within Openbank and the group by responding to and coordinating significant incidents. Ensure successful resolution and adopt lessons learned to increase the cyber resilience of Openbank.

The main tasks of this position will be the following:

• Design and supervise an organized approach to managing the aftermath of security breaches or cyberattacks to limit damage and reduce recovery time and costs.
• Perform digital forensic analysis, dynamic evidence recovery, and coordinate global stakeholders for evidential-standard investigations.
• Lead the design and development of enterprise-wide Red team and vulnerability management programs.
• Optimize processes and standards for systems and network defense to strengthen the attack surface and reduce risk.
• Champion advanced tools and technologies to enhance organizational security capabilities.
• Monitor and verify that technology teams implement proper security controls, fix misconfigurations, and follow security recommendations.
• Coordinate response teams for timely containment, eradication, and investigation tasks.
• Document case narratives, processes, and findings in the Incident Orchestration tool and standalone Forensic Reports.
• Orchestrate resources for high-impact cyber-incident resolution, coordinating various areas including Business, Comms, Compliance, and IT teams.
• Prepare and execute incident exercises such as tabletop simulations, DDoS simulations, and Cyber incident recovery tests.
• Create containment strategies based on incident type with documented criteria.
• Ensure recurring vulnerability and compliance scanning, reporting, and remediation for all digital assets.
• Evaluate existing technology infrastructure for potential computer crime risks and the effectiveness of digital threat management programs.
• Develop and improve methodologies and processes for attack surface management.
• Supervise the development, maintenance, and utilization of information security practices.
• Define the scope and standards of in-house penetration testing activities and consult on complex scenarios.
• Produce metrics and reports on vulnerability, configuration, and assessment coverage.
• Track and follow key cybersecurity indicators with IT teams.

To be successful in the role you must have:

• Knowledge of technologies, methods, and tools for forensic investigations of IT security violations or potential threats.
• Ability to utilize various tools for collecting, analyzing, and presenting digital-related evidence.
• Understanding of techniques, approaches, and processes for detecting, monitoring, analyzing, and preventing digital threats.
• Familiarity with technologies and solutions for information security issues and their application in protecting organizational data.
• Knowledge of concepts, tools, and practices for dealing with computer crime.
• Ability to deploy and monitor information security systems, detect, resolve, and prevent IT security violations.
• Skills in crisis management concepts and techniques.
• Ability to grasp new concepts and revise ways of thinking and behaving.
• Knowledge of Incident Response and handling methodologies and Cyber Attack killchain.
• Understanding of tools and processes for maintaining network and Internet security.
• Proficiency in vulnerability assessment tools, techniques, models, and systems.
• Ability to monitor, analyze, and respond to network attacks, intrusions, or unauthorized actions.

What do we offer?

- Joining a dynamic and agile company undergoing international expansion.

- Working in start-up mode with the support of the Santander Group.

- Competitive remuneration and attractive benefits package.

- Possibility of growth within the company and the Group.

- Collaborating on international projects in different countries.

- Excellent work environment, social clubs and frequent events.

Would you like to grow with us? Join our team!

Openbank is an equal opportunity employer. All applicants will be considered as equal without paying attention to gender identity, sexual orientation, ethnicity, religion, age, political orientation, union membership nor disability status.

We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify, and build.

The personal data you provide as well as any data generated during the selection process are confidential and will be processed by Open Bank, S.A./ Open Digital Services, S.L. with registered office at Plaza de Santa Bárbara 2, 28004 (Madrid), for the sole purpose of managing your participation in the selection processes and, where appropriate, to formalise your recruitment.  

For further information about your rights and data protection, please read the ODS/Openbank Privacy Policy applicable to this type of data processing here. 

#OPENBANK

OBTECH22