Technology Risk, Governance & Controls Senior – Risk & Compliance (ODS) Country: Spain Open Digital Services is the software development company of Santander Group powering the next generation of banks by creating innovative banking products and implementing them in collaboration with Santander Group Affiliates. Santander Group is one of the world's largest financial institutions and the Eurozone's leader, committed to being the best Digital Bank with Branches in the industry. Our mission at ODS is to design and support an advanced digital and omnichannel platform, ensuring the best customer experience using cutting-edge technology. Openbank, our flagship partner, is where we develop our most advanced concepts first. Be part of our Best-in-Class team and help us create unique value for our customers! Join us to tackle exciting tech challenges in an agile environment, benefiting from learning, growth, and local and international career opportunities in a modern, diverse setting. Mission: The Risk & Compliance team, from a transversal second line of defence perspective, defines and monitors technology KPIs and KRIs across countries, challenges constructively, identifies emerging risks early and supports technology teams in strengthening security, resilience and regulatory compliance. The job has direct executive impact: this role enables informed senior-management decisions, reinforces regulatory confidence and helps scale digital products safely, consistently and sustainably across all geographies. Responsibilities: Management and monitoring of Technological and IT Risk indicators (KPIs/KRIs) across countries: - Definition and maintenance of KPIs/KRIs. - Ongoing monitoring of indicator performance and analysis of deviations. - Critical review of reported information and effective challenge to teams to ensure data quality and consistency. - Identification of control weaknesses and relevant risks. - Escalation of alerts and support in the definition and follow-up of action plans. Reporting to countries / subsidiaries: - Development of periodic reports of metrics and KPIs. - Coordination with local teams for information gathering and validation. - Ensuring homogeneous criteria and aligned messaging at Group level. Application management and inventory: - Maintenance of the application inventory. - Technical review of applications according to their classification (criticality, confidentiality, RTO, RPO, data, etc). - Verification of compliance with required controls based on the application category (security, continuity, resilience, etc.). - Gaps follow-up and remediation actions. Technological Risk management: - Identification, assessment and monitoring of technological risks. - Support to IT areas in the definition of mitigation plans. - Follow-up of action plans. Operational Risk: - Management of IT risks within the Bank’s internal Operational Risk framework. - Support in the identification of changes, root causes and IT-related controls. - Coordination with Operational Risk teams. IT control framework oversight: - Assessment of the adequacy and effectiveness of IT controls. - Identification of gaps and areas for improvement. - Follow-up of action plans and supporting evidence. Interaction with internal and external audit: - Support in internal and external IT / technology audits. - Follow-up of findings and action plans. Governance and awareness: - Support in training and awareness initiatives. - Promotion of IT control best practices. Continuous improvement and automation: - Proposal of improvements to control and reporting processes. - Use of tools to automate indicators and reporting. Cross-functional coordination: - Coordination with IT, Security, Continuity, Data and Risk areas. - Alignment with regulatory and corporate requirements. To be successful in the role you must have: - At least 4 years of experience in Technology Governance, Risk and Compliance (IT / Cyber GRC) within large, regulated, and international environments. - Strong expertise in defining, overseeing and challenging KRIs, risk metrics and dashboards, ensuring data quality, consistency and meaningful insight. - Proven experience in senior-level reporting and oversight across multiple countries or entities, balancing local requirements with global standards. - Solid background in governance models (1LoD / 2LoD), including control oversight, independent challenge and coordination of testing activities. - Demonstrated experience managing and maintaining technology/application inventories, including criticality, ownership and risk attributes. - Excellent stakeholder management and communication skills, with the ability to influence, escalate and report effectively to senior management. What do we offer? - Joining a dynamic and agile company undergoing international expansion. - Working in start-up mode with the support of the Santander Group. - Competitive remuneration and attractive benefits package. - Possibility of growth within the company and the Group. - Collaborating on international projects in different countries. - Excellent work environment, social clubs and frequent events. Would you like to grow with us? Join our team! ODS is an equal opportunity employer. All applicants will be considered as equal without paying attention to gender identity, sexual orientation, ethnicity, religion, age, political orientation, union membership nor disability status. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify, and build. The personal data you provide as well as any data generated during the selection process are confidential and will be processed by Open Bank, S.A./ Open Digital Services, S.L. with registered office at Plaza de Santa Bárbara 2, 28004 (Madrid), for the sole purpose of managing your participation in the selection processes and, where appropriate, to formalise your recruitment. For further information about your rights and data protection, please read the ODS/Openbank Privacy Policy applicable to this type of data processing here.