Information Security Risk Analyst II
AcornsSalary not specified
Full Time
Junior (1 to 2 years)
Not SpecifiedCompensation
Mid-level (3 to 4 years)Experience Level
Full TimeJob Type
UnknownVisa
Financial Services, Automotive FinanceIndustries
Requirements
Candidates should possess a strong understanding of information security principles, frameworks like ISO/IEC 27001, and risk management. Familiarity with ISMS maintenance, security incident response, and regulatory requirements such as GDPR, NIS2, and Cyber Essentials is necessary. Experience with third-party security assessment platforms and GRC tools is desirable, as is exposure to vulnerability management and audit involvement. Relevant education or professional qualifications in risk, compliance, or information security are required, along with excellent documentation, communication, teamwork, time management, influencing, and problem-solving skills.
Responsibilities
The Information Security Assurance Analyst will maintain and improve the Information Security Management System (ISMS), including updating policies and coordinating reviews. They will facilitate supplier onboarding, conduct security assessments, and develop security awareness initiatives. Responsibilities include monitoring security alerts and incidents, preparing reports, scheduling penetration tests, and supporting remediation efforts. The analyst will also analyze external vulnerability bulletins, assist in evaluating cybersecurity tools, and use third-party assessment platforms. They will support project delivery, monitor control effectiveness, gather evidence for audits, and respond to audit findings. Additionally, the role involves building stakeholder relationships, collaborating with IT teams, producing security reports, documenting incidents with root cause analysis, and conducting information security risk assessments.
Skills
Information Security
ISMS
Security Policies
Security Procedures
Security Standards
Security Audits
Supplier Security Assessments
Security Awareness
Security Alerts
Security Incidents
Vulnerability Management
Penetration Testing
Risk Management
Compliance
Cybersecurity Tools
Project Delivery
Stakeholder Engagement
Santander
Provides banking, investment, and insurance services
About Santander
Santander Bank provides a variety of financial services to individuals, small businesses, and large corporations in the United States. Its offerings include savings and checking accounts, loans, credit cards, and investment products. The bank also has specialized services through Santander Investment Services and insurance products via Santander Securities LLC. Santander stands out from its competitors by focusing on community growth, committing $13.6 billion to support initiatives like the 'Cultivate Small Business' program, which aids early-stage entrepreneurs, especially from underrepresented groups. The bank generates revenue through interest on loans, service fees, and commissions, while promoting responsible banking practices and financial education. Santander's goal is to empower individuals and businesses, enhance community prosperity, and provide comprehensive financial solutions.
Boston, MassachusettsHeadquarters
1902Year Founded
$75MTotal Funding
POST_IPO_DEBTCompany Stage
Fintech, Financial ServicesIndustries
10,001+Employees
Benefits
Health, dental, & vision
401k
Flexible PTO
Parental & sick leave
Discounts: technology, travel, auto, fitness, & tuition
Risks
ISO 20022 transition may challenge smaller business partners.
'Quishing' attacks pose a growing threat to consumer security.
Openbank faces competition in the U.S. high-yield savings market.
Differentiation
Santander's Openbank offers a 5.00% APY high-yield savings account nationwide.
The bank's Inclusive Communities Plan pledges $13.6 billion for community initiatives.
Santander's ISO 20022 adoption enhances operational efficiency and data management.
Upsides
Openbank's high-yield savings account attracts more U.S. customers.
Santander's renewable energy financing highlights commitment to sustainable investments.
Proactive cybersecurity measures enhance customer trust and protect digital assets.
Related Jobs
RemoteRemoteLead Security Architect
Access SystemsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteGRC Analyst
MercurySalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteLead Security Analyst - Governance, Risk, and Compliance
LaunchDarklySalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteAudit Enablement Manager
Vanta$128,000 - $150,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Third Party Security Assessor (Remote)
ExpediaSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteInformation Security Analyst
ValonSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Compliance Analyst
EarnestSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSr. Partner Director, Household Essentials
FetchSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSecurity Analyst, Incident Response
SpyCloudSalary not specified
- Full Time
- Mid-level (3 to 4 years)
RemoteSr. Vulnerability Detection Engineer (Content) Exposure Management (Re…
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years)