RowlettRecruiter Since 2001
the smart solution for Rowlett jobs

Sr. Associate, Information Risk Management VP

Company: Santander Holdings USA Inc
Location: Rowlett
Posted on: May 27, 2023

Job Description:

Sr. Associate, Information Risk Management VP

Holmdel, United States of America


The Sr. Associate for Information Risk Management is responsible for the strategic development, implementation, and effective execution of activities in the Information Risk Management (IRM) program. The key program elements of which cover include internal loss, external loss, risk assessment, business impact assessments, KRIs, scenario analysis / stress testing, awareness, and communication, issues and remediation planning, tracking, MIS and reporting, testing, compliance, and monitoring.

Essential Functions:

  • Analyzes, measures performance, monitors trends, defines limits according for Santander Consumer USA IRM Risk exposures in accordance to Risk Appetite.
  • Assist in the ongoing oversight of IRM as part of the established Information Risk (IR) Framework in support of the first line of defense.
  • Contributes to escalation, reporting, communication to Risk Governance Forums.
  • Helps drive culture of risk awareness.
  • Supports the creation, management, and development of IRM program strategy, policies and models within the Santander Consumer USA to reduce risk for technology operations and Information and Cyber Security.
    • Education -
      • Bachelor's Degree: Business, Finance, Management, or equivalent field.
      • or equivalent work experience
      • Experience -
        • 8+ years Risk Management or Governance, Risk and Compliance (GRC)
        • 8+ years combined in Information Technology, Cyber or Information Security
        • 3+ years Financial Services industry
          • Primary Skills -
            • IT Asset Inventory and CMDB
            • Network Security incl. Firewall and Segmentation
            • Incident & Change Management
            • Technology Architecture
              • Basic Technology Risk requirements -
                • Review and analysis of security-related configuration and hardening standards for Windows, ESX, and RedHat servers, Windows laptops/desktops, SQL Server database and network technologies within the enterprise.
                • Reviewing configuration and policies of Information Security Scanning Tools covering operating systems and databases.
                • Review and challenge compliance metrics published by corporate-wide audience and prepare conclusions for review by ORM (Operational Risk Management) and senior management.
                • Review and verify compliance with Information Security related standards and process documentation (e.g. End User Computing and Macro Governance)
                • Supporting internal and external audit exercises.
                • Regulatory Knowledge: Gramm-Leach Bliley Act (GLBA), Sarbanes-Oxley (SOX), OCC Heightened Standards, FFIEC Guidelines, NYDFS, GDPR
                  • General Skills & Abilities -
                    • Strong operational risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment.
                    • Ability to independently operate in a complex, matrixed environment; adept at delivering and maintaining productive working relationships across business, functions, geographies and lines of defense
                    • Advanced technology or operational risk, process, and control validation and/or assessment skills.
                    • Ability to handle conflict resolution with other groups to ensure appropriate accounting guidance is followed.
                    • Ability to adjust to new developments/changing circumstances.
                    • Ability to convey a sense of urgency and drive issues/projects to closure.
                    • Ability to effectively interact with the market, executive management and vendors.
                    • Ability to adapt and adjust to multiple demands and competing priorities.
                    • Excellent written and oral communication skills.
                    • Excellent analytical, organizational and project management skills.
                    • Strong project management skills.
                      Preferred general technical Skills -

                      A general understanding, working or auditing knowledge for majority of areas listed is preferred:

                      Microsoft Windows, Red Hat Linux, IBM AIX, IBM Mainframe/Midrange, VMWare ESXi, LAN/WAN/MAN Networking, Firewall Technologies, Intrusion Detection/Prevention Systems (IDP/IPS), Security Information and Event Management (SIEM), Cloud Computing, Web Proxies, SQL/Oracle/DB2 Database Technologies, Storage Area Networks (SAN) and Network Attached Storage (NAS), Email Systems, End-User Computing, Web Servers

                      Preferred Certification -
                      • CISSP (ISC2), CISM (ISACA), GIAC (SANS) CRM, CISA (ISACA), CRISC (ISACA), IT Risk Fundamentals (ISACA), Certified business Continuity Professional (CBCP, issued by the DRI), AWS or Azure Cloud Security CertificationSantander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

                        Employer Rights: Employer Rights:This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.

                        This is a Hybrid position from the Dallas, Boston or Miami office.

                        Bachelor of Science (BS) English

                        Primary Location: New Jersey, NJ, New Jersey

                        Other Locations: New Jersey-Holmdel,Florida-Miami,Texas-Dallas,Massachusetts-Boston

                        Organization: Santander Consumer USA Inc.

Keywords: Santander Holdings USA Inc, Rowlett , Sr. Associate, Information Risk Management VP, Executive , Rowlett, Texas

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Texas jobs by following @recnetTX on Twitter!

Rowlett RSS job feeds