Exposure Management Manager (Security Governance/Compliance/Vulnerability) (Hybrid Madrid)

• Security Baseline Governance: Track and coordinate the annual policy review process for SBC. Ensure timely updates and alignment with regulatory and internal standards.
• Stakeholder Support: Assist Application Responsibles (AR), Technology Responsibles (TR), and IT Service Owners (ITSO) in fulfilling their SBC and vulnerability management responsibilities.
• Compliance Oversight: Monitor coverage and compliance deviations, follow up on remediation plans, and ensure issues are addressed promptly.
• Future Planning: Help define and track long-term initiatives, such as onboarding new technologies (e.g., Azure cloud) and introducing new SBC rules.
• Exposure Management: Support the response process for vulnerabilities tracked in ServiceNow Vulnerability Response (VR), ensuring timely and audit-compliant resolution.
• Escalation & Coordination: Act as the central point for questions and escalations related to SBC and EM processes. Communicate effectively across teams and escalate when necessary.
• Process Assurance: Follow established practices to ensure gaps are closed, documentation is complete, and responses (mitigation, false-positive rejections, etc.) meet requirements of established policies and standards.

Do you have experience in Software development?, Do you have a Bachelor's degree?, * Bachelor's degree in computer science, information security, or equivalent practical experience.

• 3-5 years of experience in IT/security governance, compliance, or vulnerability management.
• Strong organizational and time-management skills; ability to manage multiple processes and stakeholders simultaneously.
• Excellent communication and stakeholder management skills, with a proactive and solution-oriented mindset.
• Foundational understanding of security configuration standards (e.g., CIS benchmarks, hardening guidelines) and vulnerability management principles.
• Experience using ServiceNow or similar ITSM/GRC platforms.
• Good english level (C1) you will be working with international teams.

Nice to hace:

• Experience with cloud security (Azure preferred) and baseline configuration frameworks.
• Familiarity with vulnerability scanning tools (e.g., Nexpose) and exposure management workflows.
• IT or Security certifications (e.g., Security+, CISM, CISSP).
• Experience in financial services or regulated environments., software development,compliance,security management,cloud security

Hybrid. Madrid city center (Sol area). 3 days a week in the office + 2 days remote.

Work schedule

Business Hours. No intensive working days for friday or summer.

What can we offer?

• 23 days of Annual Leave plus the 24th and 31st of December as discretionary days!
• Numerous benefits (Health Care Plan, teleworking compensation, Life and Accident Insurances).
• `Retribución Flexible´ Program: (Meals, Kinder Garden, Transport, online English lessons, Health Care Plan…)
• Free access to several training platforms
• Professional stability and career plans
• UST also, compensates referrals from which you could benefit when you refer professionals.
• The option to pick between 12 or 14 payments along the year.
• Real Work Life Balance measures (flexibility, WFH or remote work policy, compacted hours during summertime…)
• UST Club Platform discounts and gym Access discounts

More in details, UST is a multinational company based in North America, certified as a Top Employer and Great Place to Work company with over 35.000 employees all over the world and presence in more than 35 countries. We are leaders on digital technology services, and we provide large-scale technologic solutions to big companies. What are we looking for? We are looking for an Exposure Management Manager, working close to one of our main clients in banking sector. You will manage key processes within our Exposure Management initiative, starting with Security Baseline Configuration (SBC) as an initial focus, while supporting broader vulnerability response and exposure management activities over time. This position offers collaboration with senior security experts, visibility across global technology teams, and opportunities to shape the evolution of our security compliance framework., UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients' organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact-touching billions of lives in the process.