Information Security Analyst at Santander

New York, New York, United States

Apply Now
Santander Logo
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Financial Services, BankingIndustries

Requirements

  • Bachelor's Degree or equivalent work experience in Computer Science, Engineering, Information Technology Management, or equivalent field
  • 3+ Years Experience in information security, governance, IT audit, or risk

Responsibilities

  • Develops and implements information security standards and procedures
  • Provides tactical information security advice and examines the ramifications of new technologies
  • Ensures that all information systems are functional and secure
  • Plans, implements, upgrades, or monitors security measures for the protection of computer networks and information
  • Ensures security controls are in place to safeguard digital files and vital electronic infrastructure
  • Responds to computer security breaches and viruses
  • Works closely with the New York Information Security and Santander US Identity and Access Services teams, and Business Owners to address New York related IAM, PAM, and Single Sign On (SSO) issues, including related regulatory requirements to mature the information security program
  • Ensures the submission, approval, creation, and removal of accounts, entitlements, application roles, and business roles follows documented processes and procedures with clearly defined roles and responsibilities
  • Reviews User Active Directory accounts unused for the previous 90 calendar days for inactivity and, if confirmed inactive, disables or removes them
  • Ensures all certified access rights are documented and current; identifies users whose access rights violate Separation of Duty (SoD) rules and reviews with managers/supervisors; documents, risk-assesses, and formally approves any exceptions within 30 business days
  • Performs the recertification process as a formal review of information assets to confirm granted access rights, entitlements remain valid, updated, and in compliance with Segregation of Duties (SoD) rules and Principle of Least Privilege
  • Ensures all assets are onboarded to the Privileged Access Management System (PAMS) such as CyberArk and defines a process to periodically review and recertify the accounts including groups they belong to
  • Performs risk assessments and control gap analysis against Information Security Policies and Standards
  • Supports coordination for closure of gaps identified with Standard Requirements and Cyber Risk Assessment methodology
  • Performs analysis, evidence gathering, and documents compliance with Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT), NYDFS 23 NYCRR 500 cybersecurity, or any other regulatory requirements

Skills

Key technologies and capabilities for this role

IAMPAMSSOInformation SecurityIdentity and Access ManagementPrivileged Access ManagementNetwork SecuritySecurity ControlsRegulatory Compliance

Questions & Answers

Common questions about this position

What is the salary for the Information Security Analyst position?

This information is not specified in the job description.

Is this Information Security Analyst role remote or office-based?

This information is not specified in the job description.

What key responsibilities are involved in this Information Security Analyst role?

The role involves developing and implementing information security standards, ensuring systems are secure, monitoring security measures, working with IAM, PAM, and SSO teams on access issues, reviewing inactive accounts, and handling recertification processes for compliance with SoD and least privilege principles.

What is the company culture like at Santander for this role?

Santander fosters an enriching environment focused on continuous learning, personal growth, collaboration with global colleagues, engagement, and career opportunities.

What makes a strong candidate for the Sr. Specialist, Information Security role?

Strong candidates have expertise in information security standards, IAM, PAM, SSO, Active Directory management, compliance with SoD and least privilege, and experience addressing regulatory requirements in a financial services context.

Santander

Provides banking, investment, and insurance services

Website

About Santander

Santander Bank provides a variety of financial services to individuals, small businesses, and large corporations in the United States. Its offerings include savings and checking accounts, loans, credit cards, and investment products. The bank also has specialized services through Santander Investment Services and insurance products via Santander Securities LLC. Santander stands out from its competitors by focusing on community growth, committing $13.6 billion to support initiatives like the 'Cultivate Small Business' program, which aids early-stage entrepreneurs, especially from underrepresented groups. The bank generates revenue through interest on loans, service fees, and commissions, while promoting responsible banking practices and financial education. Santander's goal is to empower individuals and businesses, enhance community prosperity, and provide comprehensive financial solutions.

Boston, MassachusettsHeadquarters
1902Year Founded
$75MTotal Funding
POST_IPO_DEBTCompany Stage
Fintech, Financial ServicesIndustries
10,001+Employees

Benefits

Health, dental, & vision
401k
Flexible PTO
Parental & sick leave
Discounts: technology, travel, auto, fitness, & tuition

Risks

ISO 20022 transition may challenge smaller business partners.
'Quishing' attacks pose a growing threat to consumer security.
Openbank faces competition in the U.S. high-yield savings market.

Differentiation

Santander's Openbank offers a 5.00% APY high-yield savings account nationwide.
The bank's Inclusive Communities Plan pledges $13.6 billion for community initiatives.
Santander's ISO 20022 adoption enhances operational efficiency and data management.

Upsides

Openbank's high-yield savings account attracts more U.S. customers.
Santander's renewable energy financing highlights commitment to sustainable investments.
Proactive cybersecurity measures enhance customer trust and protect digital assets.

Related Jobs

California
Remote iconRemote

Sr. IT & Cyber Operations Analyst (Remote)

Crowdstrike
Salary not specified
Remote
Remote iconRemote

Sr. Information Security Analyst

Valon
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Canada
Remote iconRemote

Security Analyst

Qualified.com
$130,000 - $145,000/year
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)
Remote
Remote iconRemote

Regulatory & Security Compliance Analyst

Rain
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
Birmingham
Remote iconRemote

3rd Party Cyber Risk Analyst

Protective Life
Salary not specified
Remote
Remote iconRemote

Staff Cyber Risk Analyst

GE Healthcare
Salary not specified
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)
Remote
Remote iconRemote

Senior Digital Auditor

GE Healthcare
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Washington
Remote iconRemote

Chief Information Security Officer (CISO), Workday Government

Workday
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
Berkeley +1 more
Remote iconRemote

Security Operations Analyst

The Voleon Group
Salary not specified
  • Employment type iconFull Time
  • Experience level iconEntry Level & New Grad
Plano
Remote iconRemote

Sr. Professional Services Consultant, NGFW

Palo Alto Networks
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
United States
Remote iconRemote

Senior Compliance Specialist

Wisk
Salary not specified

Land your dream remote job 3x faster with AI

Try Jobo Free