Cyber & Third-Party Resilience Specialist

London - UK

Monthly Salary: Not Disclosed

Posted on: 14 hours ago

Vacancies: 1 Vacancy

Job Summary

Excited to grow your career

BBVA is a global company with more than 160 years of history that operates in more than 25 countries where we serve more than 80 million customers. We are more than 121000 professionals working in multidisciplinary teams with profiles as diverse as financiers legal experts data scientists developers engineers and designers.

The Cybersecurity UK & CE team is responsible for the implementation and continuous improvement of the CIB Corporate Security programme across the region working closely with technology risk and business stakeholders to deliver practical and proportionate security outcomes.

About the job:

Key Responsibilities:

Third-Party Cyber & IT Risk:

Assess third-party suppliers capability to manage technology and cyber risk.
Support evaluation of residual risk following application of relevant control frameworks.
Coordinate and perform due diligence and third-party competency validation for Tier 1 and Tier 2 suppliers prior to contract signature.
Support contractual embedding of IT risk requirements including risk-inclusive clauses.
Obtain and assess third-party assurance artefacts (e.g. SOC ISAE) where required.
Track and support remediation of third-party risk findings ahead of contract renewal.
Contribute to the development of proportionate exit strategies for critical suppliers.

Cyber & Third-Party Resilience:

Support cyber-led third-party resilience activities including dependency mapping and concentration risk assessment.
Translate supplier risks into resilience considerations for important business services.
Support development of realistic cyber and third-party disruption scenarios.
Coordinate with relevant stakeholders to ensure resilience considerations are reflected consistently across plans and artefacts.

Cyber Operational Resilience:

Support cyber operational resilience activities including service mapping scenario coordination and documentation.
Assist with preparation and coordination of resilience exercises and follow-up actions.
Contribute to clear regulator-ready narratives aligned to UK and EU expectations.
Support consistency of approach across UK & CE offices including Milan Paris and Frankfurt.

What are we looking for

Experience:

At least 5 years of experience in cyber risk IT risk third-party risk or related disciplines within a regulated environment.
Exposure to supplier risk assessment control assurance or contractual risk considerations.
Some experience or interest in operational resilience business continuity or technology disruption scenarios.
Comfortable working across Cyber IT Risk Procurement and business teams.

Skills & Knowledge:

Cyber-literate with the ability to understand technology services dependencies and common failure modes.
Familiarity with IT risk control concepts and third-party assurance artefacts (e.g. SOC ISAE).
Awareness of UK Operational Resilience requirements (BoE PRA FCA) and relevant European regulations (EBA DORA GDPR).
Able to analyse document and explain complex supplier and service relationships.

Professional Skills:

Strong coordination and stakeholder engagement skills.
Clear structured written communication suitable for risk and regulatory contexts.
Organised and detail-oriented with the ability to track actions across multiple parties.
Able to operate independently exercising sound judgement and escalating appropriately when required.

Qualifications:

Degree-level education or equivalent experience.
Relevant certifications are advantageous but not required.
English proficiency required; Spanish is a plus.

Please note that priority will be given to candidates who are elegible to work in the UK.

Skills:

Business Control Frameworks Cyber Risks Due Diligence Information Technology (IT) Risk Legal Practices Risk Assessments Supplier Risk Assessment Third Party Risk Management

Required Experience:

Excited to grow your careerBBVA is a global company with more than 160 years of history that operates in more than 25 countries where we serve more than 80 million customers. We are more than 121000 professionals working in multidisciplinary teams with profiles as diverse as financiers legal experts...

Excited to grow your career

About the job:

Key Responsibilities:

Third-Party Cyber & IT Risk:

Assess third-party suppliers capability to manage technology and cyber risk.
Support evaluation of residual risk following application of relevant control frameworks.
Coordinate and perform due diligence and third-party competency validation for Tier 1 and Tier 2 suppliers prior to contract signature.
Support contractual embedding of IT risk requirements including risk-inclusive clauses.
Obtain and assess third-party assurance artefacts (e.g. SOC ISAE) where required.
Track and support remediation of third-party risk findings ahead of contract renewal.
Contribute to the development of proportionate exit strategies for critical suppliers.

Cyber & Third-Party Resilience:

Support cyber-led third-party resilience activities including dependency mapping and concentration risk assessment.
Translate supplier risks into resilience considerations for important business services.
Support development of realistic cyber and third-party disruption scenarios.
Coordinate with relevant stakeholders to ensure resilience considerations are reflected consistently across plans and artefacts.

Cyber Operational Resilience:

Support cyber operational resilience activities including service mapping scenario coordination and documentation.
Assist with preparation and coordination of resilience exercises and follow-up actions.
Contribute to clear regulator-ready narratives aligned to UK and EU expectations.
Support consistency of approach across UK & CE offices including Milan Paris and Frankfurt.

What are we looking for

Experience:

At least 5 years of experience in cyber risk IT risk third-party risk or related disciplines within a regulated environment.
Exposure to supplier risk assessment control assurance or contractual risk considerations.
Some experience or interest in operational resilience business continuity or technology disruption scenarios.
Comfortable working across Cyber IT Risk Procurement and business teams.

Skills & Knowledge:

Cyber-literate with the ability to understand technology services dependencies and common failure modes.
Familiarity with IT risk control concepts and third-party assurance artefacts (e.g. SOC ISAE).
Awareness of UK Operational Resilience requirements (BoE PRA FCA) and relevant European regulations (EBA DORA GDPR).
Able to analyse document and explain complex supplier and service relationships.

Professional Skills:

Strong coordination and stakeholder engagement skills.
Clear structured written communication suitable for risk and regulatory contexts.
Organised and detail-oriented with the ability to track actions across multiple parties.
Able to operate independently exercising sound judgement and escalating appropriately when required.

Qualifications:

Degree-level education or equivalent experience.
Relevant certifications are advantageous but not required.
English proficiency required; Spanish is a plus.

Please note that priority will be given to candidates who are elegible to work in the UK.

Skills:

Business Control Frameworks Cyber Risks Due Diligence Information Technology (IT) Risk Legal Practices Risk Assessments Supplier Risk Assessment Third Party Risk Management

Required Experience:

Key Skills

Sales Experience
Crane
Customer Service
Communication skills
Heavy Equipment Operation
Microsoft Word
Case Management
OSHA
Team Management
Catheterization
Microsoft Outlook Calendar
EHS

Apply Now

About Company

BBVA

BBVA is a global company with more than 160 years of history that operates in more than 25 countries where we serve more than 80.1 million customers. We are more than 113,000 professionals working in multidisciplinary teams with profiles as diverse as financiers, legal experts, data s ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click