Your Journey Starts Here:

Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth. We are committed to creating an environment where continuous learning and development are prioritized, enabling you to thrive both professionally and personally. Here, you will find ample opportunities to connect and collaborate with talented colleagues from around the world, sharing insights and driving innovation together. Join us at Santander, where you are supported by a culture of engagement and a commitment to your success.

An exciting journey awaits, if you are interested in exploring the possibilities We Want to Talk to You!

The Difference You Make:

The Senior Analyst, Technology Risk Management within the Technology and Information Risk Management organization reports to the Senior Director - Technology Risk Management and is responsible for ongoing oversight, assessment, management and reporting of technology and cybersecurity risks across all operating entities with focus on Payment Systems. This role is established in the second line of defense and requires collaboration across IT, CISO, Data Office, Operational Risk, Internal Audit and other relevant functional stakeholders within the organization in the management of Technology risks.

Understanding of Payment systems, technology architecture and integration, preferably with TCH, SWIFT and Fedline. An excellent understanding of the evolving regulatory landscape in the US and EU are vital for success in this role.

The day-to-day focus may vary depending on the requirements of the overall second line of defense program priorities directed by the Head of Technology Risk and may include: planned or ad-hoc technical risk reviews, technical review of IT and Security architectures, review and challenge activities of IT or Business initiatives, Risk reporting, development as well as review and challenge of technical risk framework and methodologies.

Essential Functions:

• Establish themselves as the second line of defense subject matter expert on technology risk management
• Understand overall Payments related architecture and engage in Payments related initiatives to access technical risks
• Identify and assess technology risks ensure awareness and accountability for their management
• Design and execute independent testing and assurance of technical domains
• Participate in the independent and ongoing risk oversight of key technology components of the firm’s business and strategy initiatives.
• Participate in evaluation of new products / Business changes / projects and assess related technology risks and impact to the technology risk profile
• Participate in the evaluation and management of risks related to third-party suppliers involved in technology projects
• Perform review and challenge of first line of defense risk management processes, data and outcomes (e.g. risk assessments, control evaluations, risk metrics, mitigation plans, risk acceptances etc.)
• Analyze IT risk data from various sources (e.g. external events, control deficiencies, risk register etc.) to identify and measure levels of risk, concentration, trends and patterns; drive automation, risk analytics & aggregation and risk visualization
• Support process for constructive engagement across the Lines of Defense regarding risk appetite, risk metric determination or evaluation, issue management and action plans
• Advises on remediation of regulatory findings, correction of any inconsistencies and monitors resolution
• Prepare information to enable governance committees / working groups in the management oversight of technology risks
• Initiate timely escalations to the Technology Risk leadership team
• Work across the lines of defense to recommend strategies that effectively treat risks within the risk appetite

Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education:

• Bachelor's Degree in a technical discipline or equivalent work experience: Computer Science, Information Technology, Information Systems, Information Security. Req
• Master's Degree in related technical disciplines. Pref
• Professional Certifications in one or more domains of technical expertise. Req.

Work Experience:

• Experience working in Payment Systems for Retail and Commercial banking, and strong understanding of payment rails
• Experience working in Cloud and on-prem applications with focus on integration with other internal and external systems/vendors
• Practitioner experience in Technology or Cybersecurity risk management with an ability to lead technical risk assessments, identify and assess risks, document findings and opinions, and develop risk reporting
• Good understanding of regulatory requirements e.g. FFIEC, FDIC, OCC requirements and industry frameworks and practices e.g. COBIT, ITIL, ISO, NIST 800-53, CSA-CCM v4, Fed Ramp, CIS Benchmarks
• Overall professional experience of 3+ years or more in technology risk audit & assurance or a technology risk management role in a matrix organization
• Experience within a highly regulated environment such as the financial services industry

Technical Skills:

• IT Service Management domains e.g. IT Change Management, IT Capacity Management, IT Incident Management, IT Release Management
• Software Development Lifecycle (SDLC)
• IT Asset Management and Shadow IT (End User Computing)
• Networks and Communication Systems
• Virtualized infrastructure
• Payments technology e.g. SWIFT, Fedline etc.
• Advanced levels of proficiency in MS Excel and Powerpoint
• High levels of proficiency with data visualization and reporting tools such as PowerBI and/or Tableau
• Working knowledge of the Python ecosystem, including best practices (Pref)

Competencies and Abilities:

• Demonstrated expertise and track record in the design and assessment of technology controls across multiple technical domains, and ability to perform at an advanced level of competence.
• Strong familiarity with Risk Control Self-Assessment (RCSA) of technology processes.
• Strong risk, process, and control validation and/or assessment skills with an ingrained sense of intellectual curiosity.
• Excellent communication and presentation skills, including the ability to present complex topics, negotiate and recommendations to senior stakeholders.
• Meticulous attention to detail and accuracy when analyzing data, preparing reports, and documenting risk management processes.
• Having the ability to multi-task and adapt/adjust to multiple demands and competing priorities.
• A team player who can coordinate and drive consensus among different teams and stakeholders having varying view points.
• Ability to convey a sense of urgency and drive issues/projects to closure.
• Excellent written and oral communication skills.
• Excellent analytical skills when it comes to problem-solving including the ability to challenge root causes and related corrective actions.
• Strong organizational and project management skills.

Risk Culture:

We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

EEO Statement:

At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions:

Frequent minimal physical effort such as sitting, standing and walking is required for this role. Depending on location, occasional moving and lifting light equipment and/or furniture may be required.

Employer Rights:

This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate your employment at any time for any reason.

What To Do Next:

Review the internal eligibility guidelines here. If this sounds like a role you are interested in, then please apply.

We are committed to providing an inclusive and accessible application process for all candidates. If you require any assistance or accommodation due to a disability or any other reason, please contact us at TAOps@santander.us to discuss your needs.

Primary Location: Boston, MA, Boston

Other Locations: Massachusetts-Boston,Texas-Dallas,New Jersey-Florham Park,Florida-Miami

Organization: Santander Holdings USA, Inc.