Manager of IT Infrastructure RCSA
Company: Santander Holdings USA Inc
Location: Boston
Posted on: April 30, 2024
Job Description:
Manager of IT Infrastructure RCSADallas, United States of
AmericaThe Manager of IT Infrastructure RCSA within the first line
of defense, Business Control & Risk Management team, is accountable
leading the Infrastructure Technology Risk and Control
Self-Assessment.The Manager will have a team that works to
identify, assess and test various Information Technology (IT) risks
and controls through the defined risk program requirements. The
Manager will oversee the evaluation of key IT processes, review
internal control/quality reports and participate in risk
initiatives and lead opportunities for improved efficiency,
effectiveness and/or efforts to reduce exposure to top/material
technology risks. S/he supports and monitors IT's adherence with
corporate policies and procedures including regulatory/legal
obligations.The Manager provides leadership within the Business
Control & Risk Management team(s) and IT and must be able to
effectively lead and collaborate with various stakeholders while
influencing strategic goals.This Hybrid role can be located in any
of our Santander US offices in Dallas, Boston, NY, or Miami and
will be required to come into the office 3x's a week.Essential
Functions/Responsibility Statements:
- Drive Risk Culture: Establishes expectations, ownership and
accountability for risk management within the Business Line (IT).
Ensure awareness in the Business Line (IT) of risk frameworks,
policies and standards.
- Communication: Act as central point of contact for receipt and
distribution of risk related information between SLoD risk teams
and Business Line (IT). Maintain two-way communications with SLoD.
Facilitate training for Business Line (IT) to provide awareness of
risk frameworks, policies, programs, processes, etc.
- People Manager: The manager must manage their team for
training, compliance, capacity and personnel issues.
- Adherence to Risk Frameworks, Policies, and Standards: Partner
with SLoD to provide input/review of frameworks, policies and
standards. Facilitate Business Line (IT) awareness of and adherence
to risk frameworks, policies, and standards through internal
control testing and issue validation. Report and escalate
exceptions and facilitate Business Line (IT) corrective
actions.
- Continuous Monitoring: Continuously monitors all sources of
risk existing within the Business Line (IT) and externally. Engage
in research, peer networking, and experience to anticipate critical
risk issues impacting the Business Line (IT). Monitor Key Risk
Indicators and report on negative/adverse trends in Business Line
(IT). Monitor risk profile to maintain tolerance within Risk
Appetite.
- Issue Identification, Management, and Risk Assessment: Conduct
IT RCSA responsibilities including Process Mapping, Risk & Control
Matrices, Inherent Risk Assessments, and IT Control testing. Engage
and hold Business Line (IT) process owners accountable to identify
and assess risks. Support Business Line (IT) in risk
identification. Ensure all issues pertaining to the Business Line
(IT) are resolved within established timelines. Validate issues to
ensure Business Line (IT) remediation is sufficient to address root
cause and prevent recurrence.
- Internal Control Testing: Implement and maintain internal
control testing and control effectiveness monitoring in the
Business Line (IT). Validate the adequacy of controls, escalate
deficiencies as appropriate. Identify root causes of control
deficiencies/weaknesses and take appropriate action to ensure
Business Line (IT)s remediate and prevent recurrence.
- Exam Management: Liaison with the Business Line (IT) for all
exam related activities including regulatory, Internal Audit, etc.
Review materials, responses and validate Business Line (IT)
remediation work (e.g., artifacts, action plans, etc.)
Qualifications: To perform this job successfully, an individual
must be able to perform each essential duty satisfactorily. The
requirements listed below are representative of the knowledge,
skill, and/or ability required. Reasonable accommodations may be
made to enable individuals with disabilities to perform the
essential functions.Education:
- Bachelor's Degree or equivalent work experience in Information
Technology, Business, Risk Management, or equivalent field.
- Master's Degree in Information Technology, Business, Risk
Management, or equivalent field. (Pref) Licenses &
Certifications
- Preferred Professional Certification such as CRISC, CISA, CISSP
WorkExperience:
- 10+ years within IT Audit or IT RCSA programs
- Previous management experience managing small teams Skills and
Abilities:
- Proven ability to provides strategic guidance and direction for
programs, policies, and procedures to ensure alignment with
regulatory requirements and acceptable risk mitigation
practices.
- Experience Independently developing and documenting test
procedures and/or documenting recommendations for test plan
modifications that improve validation of control objectives. Test
procedure development may cover a wide range of technically diverse
topics ranging from IP Network Discovery, access management,
network security/operation, vulnerability management, Information
Security, SDLC, Backup and others.
- Should have extensive experience testing IT controls across
multiple IT domains and evaluating both automated and manual
controls related to Information Security or IT infrastructure
domains.
- Experience with Automated Test cases
- Experience in both a cloud and legacy hardware environment
- Ability to work on multiple concurrent assessments.
- Ability to work under pressure and meet deadlines.
- Strong risk assessment, negotiation and problem resolution
skills.
- Strong collaboration and relationship management skills.
- Self-starter, able to establish relationships and transcend
multiple cross-functional/divisional boundaries, largely
unaided.
- Proven ability to apply strategic thinking to multiple, complex
organizational and business issues, and has ability to translate
into practical plans for project execution.
- Project management skills.
- Knowledge and working understanding of additional auditing
standards, theories, concepts, and terms (including Sarbanes-Oxley,
COBIT and the COSO Integrated Control Framework)
- High sense of urgency with ability to drive results.
- High proficiency in PowerPoint, Word and Excel.
- Excellent verbal and written communication/presentation
skills.Diversity & EEO Statements: At Santander, we value and
respect differences in our workforce and strive to increase the
diversity of our teams. We actively encourage everyone to
apply.Santander is an equal opportunity employer. All qualified
applicants will receive consideration for employment without regard
to race, color, religion, sex, sexual orientation, gender identity,
national origin, genetics, disability, age, veteran status or any
other characteristic protected by law.Working Conditions: Frequent
Minimal physical effort such as sitting, standing and walking.
Occasional moving and lifting equipment and furniture is required
to support onsite and offsite meeting setup and teardown.
Physically capable of lifting up to fifty pounds, able to bend,
kneel, climb ladders.Employer Rights: This job description does not
list all of the job duties of the job. You may be asked by your
supervisors or managers to perform other duties. You may be
evaluated in part based upon your performance of the tasks listed
in this job description. The employer has the right to revise this
job description at any time. This job description is not a contract
for employment and either you or the employer may terminate at any
time for any reason Bachelor of Science (BS) English Primary
Location: Dallas, TX, DallasOther Locations:
Texas-Dallas,Florida-Coconut Grove,Massachusetts-Boston
Keywords: Santander Holdings USA Inc, Hartford , Manager of IT Infrastructure RCSA, IT / Software / Systems , Boston, Connecticut
Didn't find what you're looking for? Search again!
Loading more jobs...