Third Parties Audit Lead (Cybersecurity)

TL;DR

Third Parties Audit Lead (Cybersecurity): Leading a team of IT auditors to execute onsite inspections and evaluate security controls for critical third-party vendors with an accent on risk assessment, penetration testing, and regulatory compliance. Focus on translating technical security gaps into business impact insights for senior management to mitigate systemic risks.

Location: Must be based in Madrid, Spain (Hybrid model with office attendance required).

Company

hirify.global is a global network of technology and operations centers delivering scalable, secure banking solutions for ING's international operations.

What you will do

• Lead and mentor a team of IT auditors in executing risk-based onsite inspections.
• Evaluate the design and implementation of IT security controls at third-party vendors.
• Coordinate fieldwork, conduct interviews, and perform technical assessments including penetration tests.
• Communicate systemic risk insights and security findings to senior management via executive dashboards.
• Drive improvements in the security control environment across the vendor ecosystem.
• Travel to third-party sites as required (estimated 6-8 weeks per year).

Requirements

• Bachelor’s or Master’s degree in Computer Science, IT Security, or related field.
• 6+ years of experience in IT Audit, risk management, and governance.
• Proven experience in team management and stakeholder negotiation.
• Strong technical knowledge of IT security layers (OS, network, databases, cloud, containers).
• Proficiency in IT standards such as COBIT, ISO 27001, and risk frameworks.
• English proficiency for professional communication in a multicultural environment.

Nice to have

• Certifications such as CISA, CISSP, OSCP, or ISO27001LA.
• Experience with banking regulations (PSD2, DORA, EBA guidelines).
• Hands-on experience with vulnerability assessment and pentesting tools (Nessus, Burp, Kali).
• Data analytics or scripting skills (e.g., Knime).

Culture & Benefits

• Flexible work model with a balance between home and office.
• Comprehensive health insurance for you and your family.
• Life insurance and pension plan participation.
• Flexible remuneration options including transport and training aids.
• On-site office amenities including gym, medical services, and mobility solutions.