HomesteadRecruiter Since 2001
the smart solution for Homestead jobs

Sr. Associate, Information Risk Management

Company: Santander Holdings USA Inc
Location: Homestead
Posted on: November 18, 2022

Job Description:

Sr. Associate, Information Risk Management

Country: United States of America

WHAT YOU WILL BE DOING

The Sr. Associate, Information Risk is responsible for the strategic development, implementation, and effective execution of the Information Risk Management (IRM) program, the key program elements of which include internal loss, external loss, risk assessment, business impact assessments, Key Risk Indicators (KRIs), scenario analysis & stress testing. In this role the candidate will report directly into the Head of Santander Consumer (SC) IRM. The SC IRM team is embedded in the wider SC ORM organization and rolls-up to the Chief Operational Risk Officer (CORO) and Chief Risk Officer (CRO) of Santander Consumer (SC).

Essential Functions:
Analyzes, measures IT process and control performance, monitors trends, defines limits according for Corporate Banking Op Risk exposures in accordance with the Risk Appetite

Assist in the ongoing oversight of Information Risk (IR) Framework and Information Risk Management (IRM) requirements in support of the first line of defense

Contributes to escalation, reporting, communication to Risk Governance Forums

Helps drive culture of risk awareness

Participates in the creation and delivery of OR business-tailored training.

Supports the creation, management, and development of OR program strategy, policies and models within the Corporate Banking Business

Requirements:
Education -
Bachelor's Degree: Science, Computer Science or Technology, Business, Finance, Management, or equivalent field.

or equivalent work experience

Experience -
6+ years Risk Management/Risk.

6+ years Information Technology / Information Security

3+ years Financial Services industry

Skills & Abilities -
Strong technology risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment.

Primary Skills
Technology Change and Release Management

IT Configuration Management

Network Operations and Security Management

Security Logging and Monitoring

Basic Technology Risk requirements -
Review and analysis of security-related configuration and hardening standards for Windows, ESX, and RedHat servers, Windows laptops/desktops, SQL Server database and network technologies within the enterprise.

Reviewing configuration and policies of Information Security Scanning Tools covering operating systems and databases.

Review and challenge compliance metrics published by corporate-wide audience and prepare conclusions for review by IRM (Information Risk Management) and ORM (Operational Risk Management) and senior management.

Review and verify compliance with Information Security related standards and process documentation (e.g. End User Computing and Macro Governance)

Supporting internal and external audit exercises.

Regulatory Knowledge: - Gramm-Leach Bliley Act (GLBA), Sarbanes-Oxley (SOX), OCC Heightened Standards, FFIEC Guidelines, NYDFS, GDPR

AT SANTANDER, WE VALUE AND RESPECT DIFFERENCES IN OUR WORKFORCE AND STRIVE TO INCREASE THE DIVERSITY OF OUR TEAMS. WE ENCOURAGE EVERYONE TO APPLY.
General Skills & Abilities -
Strong technology risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment including knowledge of workflow/processes and risks/controls

Ability to independently operate in a complex, matrixed environment; adept at delivering and maintaining productive working relationships across business, functions, geographies and lines of defense

Advanced operational risk, process, and control validation and/or assessment skills.

Ability to direct, train and guide peers, subordinates and management.

Ability to handle conflict resolution with other groups to ensure appropriate accounting guidance is followed.

Ability to adjust to new developments/changing circumstances.

Ability to convey a sense of urgency and drive issues/projects to closure.

Ability to effectively interact with the market, executive management and vendors.

Ability to adapt and adjust to multiple demands and competing priorities.

Excellent written and oral communication skills.

Excellent analytical, organizational and project management skills.

Strong project management skills.

Preferred general technical Skills -

A general understanding, working or auditing knowledge for majority of areas listed is preferred:
Microsoft Windows, Red Hat Linux, IBM AIX, IBM Mainframe/Midrange, VMWare ESXi, LAN/WAN/MAN Networking, Firewall Technologies, Intrusion Detection/Prevention Systems (IDP/IPS), Security Information and Event Management (SIEM), Cloud Computing, Web Proxies, SQL/Oracle/DB2 Database Technologies, Storage Area Networks (SAN) and Network Attached Storage (NAS), Email Systems, End-User Computing, Web Servers

Preferred Certification -
CISSP (ISC2), CISM (ISACA), GIAC (SANS) CRM, CISA (ISACA), CRISC (ISACA), IT Risk Fundamentals (ISACA), Certified business Continuity Professional (CBCP, issued by the DRI), AWS or Azure Cloud Security Certification

DIVERSITY & EEO STATEMENTS: AT SANTANDER, WE VALUE AND RESPECT DIFFERENCES IN OUR WORKFORCE AND STRIVE TO INCREASE THE DIVERSITY OF OUR TEAMS. WE ACTIVELY ENCOURAGE EVERYONE TO APPLY.

SANTANDER IS AN EQUAL OPPORTUNITY EMPLOYER. ALL QUALIFIED APPLICANTS WILL RECEIVE CONSIDERATION FOR EMPLOYMENT WITHOUT REGARD TO RACE, COLOR, RELIGION, SEX, SEXUAL ORIENTATION, GENDER IDENTITY, NATIONAL ORIGIN, GENETICS, DISABILITY, AGE, VETERAN STATUS OR ANY OTHER CHARACTERISTIC PROTECTED BY LAW.

WORKING CONDITIONS: FREQUENT MINIMAL PHYSICAL EFFORT SUCH AS SITTING, STANDING AND WALKING. OCCASSIONAL MOVING AND LIFTING EQUIPMENT AND FURNITURE IS REQUIRED TO SUPPORT ONSITE AND OFFSITE MEETING SETUP AND TEARDOWN. PHYSICALLY CAPABLE OF LIFTING UP TO FIFTY POUNDS, ABLE TO BEND, KNEEL, CLIMB LADDERS.

EMPLOYER RIGHTS: EMPLOYER RIGHTS:THIS JOB DESCRIPTION DOES NOT LIST ALL OF THE JOB DUTIES OF THE JOB. YOU MAY BE ASKED BY YOUR SUPERVISORS OR MANAGERS TO PERFORM OTHER DUTIES. YOU MAY BE EVALUATED IN PART BASED UPON YOUR PERFORMANCE OF THE TASKS LISTED IN THIS JOB DESCRIPTION. THE EMPLOYER HAS THE RIGHT TO REVISE THIS JOB DESCRIPTION AT ANY TIME. THIS JOB DESCRIPTION IS NOT A CONTRACT FOR EMPLOYMENT AND EITHER YOU OR THE EMPLOYER MAY TERMINATE AT ANY TIME FOR ANY REASON.
Certified Information Security Manager (CISM) - Information System Auditing & Control Association English Essential Functions:
Analyzes, measures IT process and control performance, monitors trends, defines limits according for Corporate Banking Op Risk exposures in accordance with the Risk Appetite
Assist in the ongoing oversight of Operational Risk (OR) Framework and Information Risk Management (IRM) requirements in support of the first line of defense
Contributes to escalation, reporting, communication to Risk Governance Forums
Helps drive culture of risk awareness
Participates in the creation and delivery of OR business-tailored training.
Supports the creation, management, and development of OR program strategy, policies and models within the Corporate Banking Business More than 5 years of relevant work

Primary Location: - Dallas, Texas, United States of America

Other Locations: - Texas-Dallas,Florida-Miami,Massachusetts-Boston

Organization: - Santander Consumer USA Inc.

Keywords: Santander Holdings USA Inc, Homestead , Sr. Associate, Information Risk Management, Executive , Homestead, Florida

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Florida jobs by following @recnetFL on Twitter!

Homestead RSS job feeds