Information Security Analyst

Job Overview

Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth.

An exciting journey awaits, if you are interested in exploring the possibilities. We Want to Talk to You!

The Difference You Make

The Sr. Specialist, Information Security develops and implements information security standards and procedures. Provides tactical information security advice and examining the ramifications of new technologies. Ensures that all information systems are functional and secure. Plans, implements, upgrades, or monitors security measures for the protection of computer networks and information.

• Work closely with the New York Information Security and Santander US Identity and Access Services teams, and Business Owners to address any New York related IAM, PAM and Single Sign On (SSO) related issues including related regulatory requirements to mature the information security program.
• The submission, approval, creation, and removal of accounts, entitlements, application roles, and business roles follows documented processes and procedures with clearly defined roles and responsibilities.
• User Active Directory accounts unused for the previous 90 calendar days are reviewed for inactivity and, if confirmed to be inactive, disabled or removed.
• All certified access rights are documented and current. Technology Platform Owners identifies users whose access rights violate the Separation of Duty (SoD) rules and are reviewed with managers / supervisors. Any exceptions are documented, risk-assessed, and formally approved within 30 business days of the management review.
• The recertification process is performed as a formal review of information assets to confirm that all granted access rights entitlements remain valid, updated, and in full compliance with the Segregation of Duties (SoD) rules and Principle of Least Privilege.
• All assets are onboarded to the Privileged Access Management System (PAMS) such as CyberArk and a process is defined to periodically review and recertify the accounts including groups they belong to.
• Perform risk assessments and control gap analysis against Information Security Policies and Standards.
• Support coordination for closure of gaps identified with Standard Requirements and Cyber Risk Assessment methodology.
• Analysis, evidence gathering and documenting compliance with Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT), NYDFS 23 NYCRR 500 cybersecurity or any other regulatory requirements.

What You Bring

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and / or ability required.

What Else You Need To Know

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Minimum : $63,750.00 USD

Maximum : $105,000.00 USD

Risk Culture : We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

EEO Statement : At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

J-18808-Ljbffr