Solid handshake? Winning smile? Big, bold and bright ideas? If that sounds like you, it’s time to drop everything and start getting excited – because we’re waiting to welcome you to an awesome future. One where you’ll be able to give your entrepreneurial spirit room to grow as you build a rewarding career alongside people as friendly and enthusiastic as you are. So get some screen time with the videos below, and discover how you can Santander.
What makes someone successful at Santander?
Check out the top traits we’re looking for and see if you have the right mix.
- Diversity and inclusion — We work together to create an environment that welcomes diverse perspectives and talent.
- Corporate responsibility — Our corporate responsibility programs share a common purpose of giving back to the community.
- Balance and wellness — Our benefits help you live your life to the fullest while balancing work and personal goals.
- Educational opportunities — We foster a culture of learning, inspiring you to further develop your skill set and education.
Benefits & Rewards
Medical, Dental, Vision, Pre-tax Health Accounts, Short- and Long-term Disability, EAP, Health Advocate Services
401(k) Retirement Plan, Up to 5% 401(k) Matching, Additional Investment Options
Paid Parental Leave, Adoption Assistance, Dependent Care FSA, Tax-advantaged Transit/Parking, Legal Assistance Plan
Life, accidental death, business travel accident, long- and short-term disability insurance coverage
Tuition and computer purchase reimbursement, plus discounts for cell phone, fitness and auto/home insurance
Paid Time Off (PTO), Holiday Time Off, Volunteer PTO, Travel Discounts
The US Head Business Information Security Officer (BISO) operates within the first line of defense and is accountable for building, managing and driving the execution of a centralized Business Information Security Program across Santander US subsidiaries, working closely with CISO teams and Business executives.
S/He directly reports to the US Chief Information Security Officer (CISO) and is responsible for managing day-to-day activities for Line of Business(es) BISOs, liaising with senior/executive management and/or board on the overall effectiveness of the Line of Business(es) information security control environment, ensuring effective execution of business line cyber risk assessments, and proactively identifying emerging and material cyber risks that may change the line of business(es) risk profile. The individual has direct oversight for the effectiveness and on-time closure of line of business information security action plans and ensures that as risk appetite changes, applicable controls and metrics within each business remain adequate and effective.
- Drive Risk Culture: Establish expectations, ownership and accountability for information security risk management within the Business Line. Provide risk expertise and control function feedback, as applicable, during performance review cycles and incentive plans of employees in the Business Line. Ensure awareness in the Business Line of cyber risk frameworks, policies and standards.
- Communication & Training: Act as central point of contact for receipt and distribution of information security related information between CISO teams and Business Lines. Maintain two-way communications with CISO teams and SLoD. Facilitate information security training for Business Lines to provide awareness of risk frameworks, policies, programs, processes, including phishing exercises.
- Adherence to Risk Frameworks, Policies, and Standards: Partner with CISO teams and SLoD to provide input/review of frameworks, policies and standards. Facilitate Business Line awareness of and adherence to risk frameworks, policies, and standards through internal control testing and issue validation. Report and escalate exceptions and facilitate Business Line corrective actions.
- Continuous Monitoring: Continuously monitor all sources of information security risk existing within the Business Line and externally. Engage in research, peer networking, and experience to anticipate critical cyber risk issues impacting the Business Line. Understand where information security risks exist in the Business Line and continually assess and improve controls to mitigate those risks. Monitor information security Key Risk Indicators and report on negative/adverse trends in Business Line. Monitor risk profile to maintain tolerance within Risk Appetite.
- Issue Identification, Management, and Risk Assessment: Support execution of Business Line RCSAs ensuring cyber risks are incorporated. This includes Process Mapping, Risk & Control Matrices, Inherent Risk Assessments, Internal Control testing and Heracles data/input for cyber risks. Engage and hold Business Line process owners accountable to identify and assess cyber risks. Support Business Lines in cyber risk identification (e.g. NPBA, change management, etc.). Ensure all information security issues (Self-Identified, IA, Credit Risk Review or Regulatory) pertaining to the Business Line are resolved within established timelines. Validate information security issues to ensure Business Line remediation is sufficient to address root cause and prevent recurrence.
- Internal Control Testing: Implement and maintain information security internal control testing and control effectiveness monitoring in the Business Line. Validate the adequacy of controls, escalate deficiencies as appropriate. Identify root causes of control deficiencies/weaknesses and take appropriate action to ensure Business Lines remediate and prevent recurrence.
- Exam Management: Liaise with the Business Line for all information security exam related activities including regulatory, Internal Audit and Credit Risk Review. Review materials, responses and validate Business Line remediation work (e.g. artifacts, action plans, etc.).
- Bachelor's Degree required, Master's preferred in Accounting, Business, Statistics, Risk Management, Information Systems, Information Security, Finance, Economics or equivalent field.
- 12-15 years of risk management, controls or related experience in financial services, preferably with information security focus.
- Demonstrated leadership and management experience building new programs and teams.
- Experience with delivering risk management execution across multiple business lines offering a wide variety of financial services products and services.
- Deep knowledge of the financial services sector, particularly with the competitive dynamics and products in retail banking and risk management.
- Developed understanding and demonstrated application of operational risk identification and mitigation practices and procedures.
- Developed understanding of the regulatory environment and how the risks of the products and services the bank offers are viewed by the Second Line of Defense and regulators.
- Ability to build credibility with, collaborate with, and influence line of business executives.
- Able to effectively engage in communication with executive management, board members, regulators and other team members across Santander US.
- Ability to collaborate with internal and external service providers to establish resource requirements, scheduling, assignments and service levels.
- Ability to anticipate the impact of regulatory and other environmental factors and proactively take action to ensure the team/function/enterprise is prepared.
- Ability to develop a mentoring culture with both senior experienced team members and junior staff.
- Ability to build, present and negotiate a position based on metrics and facts.
- Ability to build internal and external networks of information resources within the risk management ecosystem.
Primary Location: Massachusetts-BOSTON-75 State Street - 06366 - State Street-Corp
Job Posting: Nov 2, 2020, 2:54:50 PM