Sr. Associate, Technology Risk Management

Sr. Associate, Technology Risk Management

Country:
United States of America

Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth. We are committed to creating an environment where continuous learning and development are prioritized, enabling you to thrive both professionally and personally.

Here, you will find ample opportunities to connect and collaborate with talented colleagues from around the world, sharing insights and driving innovation together. Join us at Santander, where you are supported by a culture of engagement and a commitment to your success.

The Senior Associate, Technology Risk Management within the Technology and Information Risk Management organization reports to the Senior Director – Technology Risk Management and is responsible for ongoing oversight, assessment, management and reporting of technology and cybersecurity risks across all operating entities. This role is established in the second line of defense and requires collaboration across IT, CISO, Data Office, Operational Risk, Internal Audit and other relevant functional stakeholders within the organization in the management of Technology risks.

An excellent understanding of the evolving regulatory landscape in the US and EU are vital for success in this role.

The day‑to‑day focus may vary depending on the requirements of the overall second line of defense program priorities directed by the Head of Technology Risk and may include: planned or ad‑hoc technical risk reviews, technical review of IT and Security architectures, review and challenge activities of IT or Business initiatives, Risk reporting, development as well as review and challenge of technical risk framework and methodologies.

• Establish themselves as the second line of defense subject matter expert on technology risk management
• Identify and assess technology risks, ensuring awareness and accountability for their management
• Design and execute independent testing and assurance of technical domains
• Participate in the independent and ongoing risk oversight of key technology components of the firm’s business and strategy initiatives.
• Participate in evaluation of new products / Business changes / projects and assess related technology risks and impact to the technology risk profile
• Participate in the evaluation and management of risks related to third‑party suppliers involved in technology projects
• Perform review and challenge of first line of defense risk management processes, data and outcomes (e.g. risk assessments, control evaluations, risk metrics, mitigation plans, risk acceptances etc.)
• Analyze IT risk data from various sources (e.g. external events, control deficiencies, risk register etc.) to identify and measure levels of risk, concentration, trends and patterns, drive automation, risk analytics & aggregation and risk visualization
• Support process for constructive engagement across the Lines of Defense regarding risk appetite, risk metric determination or evaluation, issue management and action plans
• Advise on remediation of regulatory findings, correction of any inconsistencies and monitors resolution
• Prepare information to enable governance committees / working groups in the management oversight of technology risks
• Initiate timely escalations to the Technology Risk leadership team
• Work across the lines of defense to recommend strategies that effectively treat risks within the risk appetite

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor’s Degree in a technical discipline or…