Associate Director, Information Security

Associate Director, Information SecurityNew York, United States of America

WHAT YOU WILL BE DOING

USA Job Family Description: Designs, analyzes and supports the company's information technology structure, systems and processes. Acquires, designs, implements and operates the company's information technology resources (e.g., computer hardware, operating systems, communications, software applications, data, databases, etc.). Deploys, acquires, maintains and ensures security of information technology assets. Plans and tests processes to ensure compliance with system requirements, business objectives, security standards and other technical requirements.

USA Job Function Description: Develops, manages and operates security services that assess, prioritize and mitigate information security and technology risk. Includes cyber security threat services, access management services and technology risk assessments. Designs network security perimeter architecture and relevant security controls. Reviews internal and external IT projects and applications for risk and adherence to security policies and industry best practices. Participates on internal security project teams to deploy security technologies and to make recommendations for hardware/software products for future release. Liaises with vendors for various security infrastructure-related products and services.

Essential Functions/Responsibility Statements:

• Protects the Company, customers and employees by mitigating and identifying technology threats to Santander.

• Creates and executes cyber security strategies and programs including threat management services such as vulnerability assessments, threat intelligence, analysis and response, security event monitoring and incident management, digital forensics etc.

• Provides expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system delivery in a manner that adheres to information security policy.

• Governs network-related security controls throughout the enterprise, firewall programs, intrusion detection and prevention systems, network data leakage prevention, secure email encryption, and web content filtering.

• Establishes the strategic direction for the enterprise, and ensures cohesiveness & strategic alignment of all business line access management initiatives.

• Manages standards, policies, processes and tools related to user access to information resources and management of logical access risks.

• Provides crypto key management support to Santander systems by constructing and analyzing protocols that maintain information security and system availability.

• Manages and monitors technology, audit and regulatory risk through governance, oversight, reporting and training initiatives / programs including management of audit and regulatory findings, regulatory reviews, process and strategic risk & control self-assessment, and key risk indicator program.

• Works to minimize potential impact and exposure to technology threats. Develop and enforce an integrated Technology Risk and Control Framework across the enterprise.

• Leads enterprise oversight groups / councils / forums.

• Conducts risk assessments on business applications, third parties and infrastructure and validate that security and technology controls are implemented to support business requirements.

Qualifications:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education:
Bachelor's Degree or equivalent work experience in Computer Science, Engineering or Information Technology Management, or equivalent field.

Work Experience:
Experience in information security, governance, IT audit, or risk management., 12-15 years

Skills and Abilities:

• Leadership skills

• Ability to drive execution of aggressive goals through effective planning, prioritization, resource management and follow through.

• Demonstrated experience with information security frameworks

• Ability to manage multiple, ongoing initiatives

• Ability to lead by example

• Strong communications skills

• Ability to foresee industry trends

• Ability to maintain and implement best practices within field

• High level understanding of Information Security threats and maintenance

• Demonstrated understanding of technological trends and developments in the areas of information security, risk management, web architectures, and cloud computing.

Diversity & EEO Statements: At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.

Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions: Frequent Minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.

Employer Rights: Employer Rights: This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.

For NYC Job Applicants: The base annual salary range for this position is $165,000-$205,000.  The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

English

Primary Location: New York, NY, New York

Other Locations: Massachusetts-Dorchester

Organization: Banco Santander S.A.

AN EQUAL OPPORTUNITY EMPLOYER M/F/Vet/Disabled/SO