VP Cloud Compliance

VP Cloud Compliance

Country : United States of America

The VP Cloud Compliance operates within the First Line of Defense and is accountable to assist the Business Control & Risk Management team in driving effective and consistent business line execution against the Enterprise Risk Management Framework.

S / He is expected to champion the Business Control mandate as a critical business partner guiding stakeholders to embed risk management practices in the first line.

The Sr. Associate serves as a subject matter expert by advising and guiding risk initiatives such as risk assessments, KRI / KPI development and monitoring, working with the business line to proactively self-identify issues, and ensure on-time remediation of issues.

• Ensures the company meet all compliance and regulatory requirements for Cloud practices.
• Provides guidance on how to address non-compliances related to Cloud tools or components.
• Provides guidance on how to address non-compliances related to Artificial Intelligence tools or components.
• Train / educate rest of the Technology areas on how to be in Compliance with US regulations while implementing Cloud / AI solutions.
• Implements / adjust Cloud industry control frameworks (e.g., CCM) to the company control frameworks.
• Implements / adjust artificial intelligence industry control frameworks to the company control frameworks.
• Monitors activities to minimize the company's exposure to risk.
• Activities may include quantitative analysis, risk identification and remediation.
• Responsible for ensuring that all of the company's activities adhere to the necessary rules and regulations, and that the company complies with legal / regulatory statutes and jurisdictions.
• Typically organizes a reporting system and tracks goals accomplishment, collect and process data and provides managers with all necessary company management data and information.
• Drive Risk Culture : Ensure awareness in the Business Line of risk frameworks, policies and standards.
• Communication & Training : Maintain two-way communications with SLoD. Facilitate training for Business Lines to provide awareness of risk frameworks, policies, programs, processes, etc.
• Adherence to Risk Frameworks, Policies, and Standards : Partner with SLoD to provide input / review of frameworks, policies and standards.

Facilitate Business Line awareness of and adherence to risk frameworks, policies, and standards.

• Continuous Monitoring : Continuously monitors all sources of risk existing within the Business Line and externally.
• Engage in research, peer networking, and experience to anticipate critical risk issues impacting the Business Line.
• Monitor Key Risk Indicators and report on negative / adverse trends in Business Line.
• Monitor risk profile to maintain tolerance within Risk Appetite.
• Validate the adequacy of controls, escalate deficiencies as appropriate. Identify root causes of control deficiencies / weaknesses and take appropriate action to ensure Business Lines remediate and prevent recurrence.
• Review materials, responses and validate Business Line remediation work (e.g., artifacts, action plans, etc.)
• Manage and execute risk related activities and routines as part of the following operational risk programs : Risk and Control Self-Assessment (RCSA), Issues Management, Scenario Analysis, Top Risk, Material Risk Program, Event Escalation, Loss Management and Application Inherent Risk Assessment.
• Preferred : Bilingual Spanish

Qualifications :

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and / or ability required.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Education : Bachelor's Degree or equivalent work experience in Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Engineering, Economics or equivalent field.
• Master's Degree in Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Engineering, Economics or equivalent field. (Pref)

Work Experience :

• 9+ years Risk Management, Internal Controls, Auditing, Credit Management, relevant line of business experience and / or legal or regulatory experience
• Experience in Cloud Compliance and / or AI Compliance applied to financial institutions or large organizations.

Skills and Abilities :

• Cloud (AWS and / or Azure) Compliance expertise
• Knowledge in CSA CCM - Cloud Controls Matrix Framework or similar industry frameworks
• General Knowledge in IT topics such as Infrastructure, SDLC, Information security, etc.
• Knowledge in Corporate and Investment Banking sector
• Ability to generate reports for Sr. Management in different tools (e.g., ppt, etc.)
• Demonstrated thought leadership and application of operational risk identification and mitigation practices and procedures.
• Advanced understanding of the regulatory environment and how the risks of the products and services the bank offers are viewed by the Second Line of Defense and regulators.
• Demonstrated judgement in escalation, ensuring risk-based clear line of sight for senior executives into existing and emerging issues / incidents.
• Excellent analytical and complex problem-solving skills.
• Superior project management skills.
• Ability to constructively work both independently and in collaborative environments involving all levels of management and employees.

Diversity & EEO Statements : At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams.

We actively encourage everyone to apply.

Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions : Frequent Minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture are required to support onsite and offsite meeting setup and teardown.

Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.

Employer Rights : Employer Rights : This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties.

You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time.

This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week.

The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Base Pay Range

Minimum : $108,000.00 USD

$108,000.00 USD

Maximum : $155,000.00 USD

$155,000.00 USD

Primary Location : Dorchester, MA, Dorchester

Other Locations : Massachusetts-Dorchester,Florida-Miami,Texas-Dallas

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week.

The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Salary : $108,000 - $155,000 / year