Banco Sabadell, Miami Branch
Information Security Governance & Regulatory Compliance
Banco Sabadell, Miami Branch, Miami, Florida, us, 33222
Information Security Governance & Regulatory Compliance
Sabadell is a global financial institution headquartered in Barcelona, Spain and one of Europe’s oldest and most successful banking groups since its founding in 1881. Sabadell covers all areas of the financial business sector under a common denominator: professional performance and quality. In the United States, Sabadell has operated with an International Full Branch since 1993. We offer Corporate Banking services to international companies in the American market, and Private Banking services primarily to Latin American high net worth individuals and families.
Responsibilities
Regulatory Governance & CISO Support
Serve as primary drafter for all regulatory submissions (DORA, GLBA, ECB)
Support on preparing quarterly ITOOC materials and CISO briefing packages such as GIOC, IT Interlock
Maintain enterprise security policies aligned to NIST CSF
Audit & Examination Leadership
Act as single point of contact for all audits (internal/external)
Coordinate evidence collection across IT, Legal, and Business Units
Draft management responses to findings (Must Fix List items)
Track remediation to closure via GRC dashboards
Own the Cyber KRI program - collect, analyze and report to: GIOC (monthly); Regulators (as required)
Maintain control mappings between different standards and frameworks (e.g., GBLA → HO Risk Taxonomy, ISO 27001 to NIST)
CISO Development Program
Rotational assignments:
Q1: Shadow CISO in HO engagements
Q2: Lead mock regulatory examination
Q4: Support CISO by presenting as a CISO deputy on the GIOC meeting
Conduct security risk validations for all IT Critical Vendors
Control gaps (NIST 800-53)
Remediation timelines
Contractual security requirements
Perform annual vendor reassessments aligned to FFIEC Third-Party Guidance
Requirements
Bachelor's degree in Cybersecurity, Risk Management, or related field and College Degree required
3–5 years in GRC, audit, or risk management (financial sector preferred)
CRISC, CISA, or ISO 27001 LA desirable
Regulatory Frameworks: NYDFS 500, GLBA, FFIEC CAT, NIST CSF, NIST 800-53
Tools: ServiceNow GRC, Smartsheet, Qualys
Reporting: KRI/KPI dashboards, regulatory submissions
Sabadell is an Equal Employment Opportunity
#J-18808-Ljbffr
Responsibilities
Regulatory Governance & CISO Support
Serve as primary drafter for all regulatory submissions (DORA, GLBA, ECB)
Support on preparing quarterly ITOOC materials and CISO briefing packages such as GIOC, IT Interlock
Maintain enterprise security policies aligned to NIST CSF
Audit & Examination Leadership
Act as single point of contact for all audits (internal/external)
Coordinate evidence collection across IT, Legal, and Business Units
Draft management responses to findings (Must Fix List items)
Track remediation to closure via GRC dashboards
Own the Cyber KRI program - collect, analyze and report to: GIOC (monthly); Regulators (as required)
Maintain control mappings between different standards and frameworks (e.g., GBLA → HO Risk Taxonomy, ISO 27001 to NIST)
CISO Development Program
Rotational assignments:
Q1: Shadow CISO in HO engagements
Q2: Lead mock regulatory examination
Q4: Support CISO by presenting as a CISO deputy on the GIOC meeting
Conduct security risk validations for all IT Critical Vendors
Control gaps (NIST 800-53)
Remediation timelines
Contractual security requirements
Perform annual vendor reassessments aligned to FFIEC Third-Party Guidance
Requirements
Bachelor's degree in Cybersecurity, Risk Management, or related field and College Degree required
3–5 years in GRC, audit, or risk management (financial sector preferred)
CRISC, CISA, or ISO 27001 LA desirable
Regulatory Frameworks: NYDFS 500, GLBA, FFIEC CAT, NIST CSF, NIST 800-53
Tools: ServiceNow GRC, Smartsheet, Qualys
Reporting: KRI/KPI dashboards, regulatory submissions
Sabadell is an Equal Employment Opportunity
#J-18808-Ljbffr