Santander Bank, NA InfoSec Senior Lead in Holmdel, New Jersey

InfoSec Senior Lead - 1803361



[POSITION SUMMARY] Designing, developing, operating and managing comprehensive security architectures, strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Specific focus includes mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity. Key functional / specialized disciplines or practice areas for this Job Family include but are not limited to the following: Cyber Security (Architecture, Development, Operations) - Responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats to Santander. Create and manage cyber security strategy, programs and execution including threat management services such as vulnerability assessments, threat inteligence, analysis and response, security event monitoring and incident management, digital forensics etc. Provide expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system delivery in a manner that adheres to information security policy. Govern network-related security controls throughout the enterprise, firewall programs, intrusion detection and prevention systems, network data leakage prevention, secure email encryption, and web content filtering. Identity and Access Management - Establish the strategic direction for the enterprise, and ensure cohesiveness & strategic alignment of all business line access management initiatives. Oversight and management of standards, policies, processes and tools related to user access to information resources and management of logical access risks. Provide crypto key management support to Santander systems by constructing and analyzing protocols that maintain information security and system availability. Strategy Governance, Risk and Policy. Manage and monitor technology, audit and regulatory risk through governance, oversight, reporting and training initiatives / programs including management of audit and regulatory findings, regulatory reviews, process and strategic risk & control self-assessment, and key risk indicator program. Work to minimize potential impact and exposure to technology threats. Develop and enforce an integrated Technology Risk and Control Framework across the enterprise. Lead enterprise oversight groups / councils / forums. Business Information Security Management. Provide technology risk advice and consultation to business partners; enable businesses to effectively manage risk within their risk appetite and meet business objectives. Facilitate communication and execution of enterprise-wide information security programs and deliver enterprise awareness training. Conduct risk assessments on business applications, third parties and infrastructure and validate that security and technology controls are implemented to support business requirements. Lead development and/or implementation of significant or Bank-wide Technology Controls / Information Security strategies, policies, programs, tools and provide expert advice and guidance on technical solutions. Oversee control and governance activities and identify and assess potential security risks, breaches/ exposures impacting highly complex / high risk businesses or transformational (change the bank) strategic initiatives primarily interfacing with executive and/or functional stakeholders across the Bank. Typically requires a University Degree or equivalent experience and minimum 9 years of prior relevant experience. Licenses/Cert: Advanced Information Security Certification (ISACA or equivalent). Active SANS certification in the areas of network, malware and forensic analysis (GREM, GCIA, GCFA, GCIH).

Job : IT & Systems Control
Primary Location : New Jersey-Holmdel
Other Locations : Massachusetts-Dorchester
Schedule : Full-time
Job Posting : Jun 4, 2018, 1:15:51 PM