Santander Consumer USA Inc.
Senior Associate – Technology & Cyber Risk Management RCSA Validation Coordinato
Santander Consumer USA Inc., Miami, Florida, us, 33222
Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth.
We are seeking a Senior Associate to join our Technology & Risk Management team with a focus on Risk and Control Self-Assessment (RCSA) validation. This role will be responsible for coordinating and executing in-depth validations of technology and cybersecurity risk/control assessments, ensuring consistency, accuracy, and compliance with internal and regulatory standards.
The Difference You Make:
The Senior Associate will act as a central coordinator for validation activities, working closely with technology and cyber stakeholders, and control testers, while applying strong analytical and project management (PMO) skills. Essential Functions:
Execute and coordinate independent validation of technology and cybersecurity RCSAs, including IT general controls, infrastructure, application, and cyber-specific controls. Review and challenge control design, test results, and effectiveness assessments. Provide guidance and oversight to the team performing validations, ensuring technical accuracy and adherence to methodology. Stakeholder Coordination & Engagement:
Partner with technology teams, cyber risk/control owners, and first-line functions to coordinate RCSA second line validation activities. Ensure validation findings and control gaps are documented, communicated, and addressed in a timely manner. Support engagement with senior technology and risk stakeholders to escalate material findings. Structured Delivery & PMO Support:
Apply structured project management skills to plan, monitor, and track validation activities. Develop and maintain validation schedules, manage dependencies, and ensure deliverables are completed on time. Contribute to playbooks, templates, and methodologies specific to technology and cyber RCSA Second line validation. Governance & Reporting:
Support the preparation of reporting, dashboards, and metrics on validation activities. Ensure validation documentation is complete, accurate, and audit-ready. Provide insights and updates to risk committees, governance forums, and management. What You Bring:
Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or related field. Overall professional experience of 5-10 years or more in Technology Risk Management, Cybersecurity Risk, IT Audit, or Operational Risk within financial services. Strong knowledge of IT and cybersecurity risks, including IT general controls, identity and access management, network security, cloud, and application security. Technical Skills:
Familiarity with industry frameworks and standards such as NIST, ISO 27001, COBIT, ITIL, CIS Controls. Understanding of regulatory expectations related to technology and cyber risk. Competencies and Abilities:
Structured, detail-oriented, and analytical, with the ability to balance execution and coordination. Strong communication and stakeholder engagement skills, capable of interfacing with both technical and non-technical teams. Proactive and organized, able to manage competing priorities in a fast-paced environment. Risk Culture:
We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management. EEO Statement:
At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.
#J-18808-Ljbffr
The Senior Associate will act as a central coordinator for validation activities, working closely with technology and cyber stakeholders, and control testers, while applying strong analytical and project management (PMO) skills. Essential Functions:
Execute and coordinate independent validation of technology and cybersecurity RCSAs, including IT general controls, infrastructure, application, and cyber-specific controls. Review and challenge control design, test results, and effectiveness assessments. Provide guidance and oversight to the team performing validations, ensuring technical accuracy and adherence to methodology. Stakeholder Coordination & Engagement:
Partner with technology teams, cyber risk/control owners, and first-line functions to coordinate RCSA second line validation activities. Ensure validation findings and control gaps are documented, communicated, and addressed in a timely manner. Support engagement with senior technology and risk stakeholders to escalate material findings. Structured Delivery & PMO Support:
Apply structured project management skills to plan, monitor, and track validation activities. Develop and maintain validation schedules, manage dependencies, and ensure deliverables are completed on time. Contribute to playbooks, templates, and methodologies specific to technology and cyber RCSA Second line validation. Governance & Reporting:
Support the preparation of reporting, dashboards, and metrics on validation activities. Ensure validation documentation is complete, accurate, and audit-ready. Provide insights and updates to risk committees, governance forums, and management. What You Bring:
Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or related field. Overall professional experience of 5-10 years or more in Technology Risk Management, Cybersecurity Risk, IT Audit, or Operational Risk within financial services. Strong knowledge of IT and cybersecurity risks, including IT general controls, identity and access management, network security, cloud, and application security. Technical Skills:
Familiarity with industry frameworks and standards such as NIST, ISO 27001, COBIT, ITIL, CIS Controls. Understanding of regulatory expectations related to technology and cyber risk. Competencies and Abilities:
Structured, detail-oriented, and analytical, with the ability to balance execution and coordination. Strong communication and stakeholder engagement skills, capable of interfacing with both technical and non-technical teams. Proactive and organized, able to manage competing priorities in a fast-paced environment. Risk Culture:
We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management. EEO Statement:
At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.
#J-18808-Ljbffr