Job Information
Santander US Third-Party Risk Management Assessor in Boston, Massachusetts
Third-Party Risk Management Assessor
Boston, United States of America
The Vendor Risk Assessment Center (VRAC) is responsible for executing centralized assessment functions such as Information Security/Business Continuity, Consumer Regulatory Compliance, Financial Health Assessments. Additionally, VRAC is responsible for reviewing the Inherent Risk Assessments, enforcing control points for vendor onboarding and end of lifecycle and assisting in the maintenance of the system of record, Hiperos.
The Information Security/Business Continuity/Regulatory Compliance Assessments team is responsible for executing the centralized assessments on vendors for Information Security/Business Continuity, Regulatory Compliance and Application assessment.
The Vendor Risk Assessment Analyst II is a transformational opportunity to work within the Vendor Risk Assessment Center (VRAC). This individual will serve as a subject matter expert and partner with our Information Security and Risk partners to manage, review risk assessment and recommend new process enhancements in line with audit requirements. The Vendor Risk Assessment Analyst will also perform risk assessments thoroughly and timely. This will require working closely with the Third Parties as well as business stakeholders and risk partners across the Santander organization.
VRAC Analysis
Deliver industry best practices, tools, guidance, and training related to information security and business continuity practices and standards
Demonstrate strong subject matter expertise and serves as an authority and credible challenge to management regarding information security and business continuity assessments and risks
Complete information security and business continuity assessments as needed on third parties.
Provide a comprehensive range of risk management expertise
Complete quality assurance validation of information security and business continuity assessment work products
Relationship Management
Develop and sustain meaningful relationships through building trust and rapport with internal Santander stakeholders
Partner with Business stakeholders to report on risks from third parties as it relates to information security and business continuity
Represent Santander's position in front of suppliers, and act as the communication link between Santander and suppliers as needed.
Manage issue resolution falling within the scope of the department.
Internal Continuous Improvement
Participate in the development and execution of internal projects to improve organizational performance
Offer support and act as a resource for more junior teammates
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Qualifications:
Bachelor's degree Information Technology and/or Security
Work Experience, 2+ years of Audit, Regulatory Compliance and/or Assurance Assessment, Risk Management and Financial Services
Familiarity with Information Security industry standards and best practices, as well as relevant frameworks and regulations (e.g. ISO 27000, PCI DSS, GLBA, NIST) Preferred
Certification in an Information Security and/or Audit certification such as Certified Information System Audit (CISA, Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or Certified Information Systems Security Professional (CISSP) Preferred
Skills
Strong operational risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment
Ability to independently operate in a complex environment; adept at delivering and maintaining productive working relationships across business, functions, geographies and lines of defense
Advanced audit, risk, process, and control validation and/or assessment skills
Ability to direct, train and guide peers, subordinates and management
Ability to handle conflict resolution with other groups to ensure appropriate accounting guidance is followed
Ability to convey a sense of urgency and drive issues/projects to closure
Ability to effectively interact with the market, executive management and vendors
Ability to adapt and adjust to multiple demands and competing priorities
Excellent written and oral communication skills
Advanced Microsoft Excel skills
Excellent analytical, organizational and project management skills
This position can be located at our Boston, Miami or Dallas location.
At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.
Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.
This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.
#LI-Hybrid
English
Primary Location: Boston, MA, Boston
Other Locations: Massachusetts-Boston,Texas-Dallas
Organization: NW Services Co
AN EQUAL OPPORTUNITY EMPLOYER M/F/Vet/Disabled/SO