Senior Analyst - DT Governance Risk And Compliance
ServiceNowSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Banking, Financial ServicesIndustries
Requirements
- Bachelor's degree in IT Risk Management, Information Systems, or equivalent field, or equivalent work experience
- Master's degree in IT Risk Management, Information Systems, or equivalent field (preferred)
- More than 3 years of experience in IT technical control testing and IT technical evidence evaluation
- More than 3 years of experience in IT Risk Management, Internal Controls, Auditing, and Information Security
- Previous hands-on experience in cyber risk assessment, cybersecurity evaluation, penetration testing, network devices (firewalls/IDS-IPDS), and IT tools
- Solid knowledge and understanding of risk and control methodologies, including frameworks such as COSO and COBIT
- Experience conducting reviews of medium- to high-complexity IT processes
- Ability to independently develop and document test procedures and/or recommendations for modifying test plans to improve the validation of control objectives
- Extensive experience testing IT controls across multiple domains and evaluating automated and manual controls related to information security or IT infrastructure
- Strong data analysis skills and the ability to independently develop scripts to collect the data necessary for control testing/assessments; automation of test procedures whenever possible
- Ability to perform cross-platform testing (applications, databases, operating systems, middleware, monitoring tools, and business processes)
- Ability to independently obtain, review, and interpret evidence to validate the effectiveness of controls and identify vulnerabilities, deficiencies, or failures; identify risks associated with control failures and support the identification of mitigating controls
- Ability to accurately document control test results with sufficient detail and minimizing the need for rework
- Ability to work on multiple simultaneous assessments
- Ability to create Excel formulas for data analysis
- Excellent project management skills
- Preferred Professional Certification such as CRISC, CISA, CISSP
Responsibilities
- Operate within the First Line of Defense to implement the Enterprise Risk Management Framework, ensuring compliance with regulations, corporate standards, and company policies
- Execute a defined risk and control self-assessment (RCSA) program
- Analyze, evaluate, and provide strategic guidance for programs, policies, and procedures, ensuring alignment with regulatory requirements and acceptable risk mitigation practices
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What experience is required for this IT Controls Analyst role?
Candidates need more than 3 years of experience in IT technical control testing and IT technical evidence evaluation, plus more than 3 years in IT Risk Management, Internal Controls, Auditing, and Information Security. Additional hands-on experience in cyber risk assessment, cybersecurity evaluation, penetration testing, network devices, and IT tools is required.
What education is needed for this position?
A Bachelor's degree in IT Risk Management, Information Systems, or equivalent field is required, or equivalent work experience. A Master's degree in the same fields is also listed.
What is the location for this job?
The position is located in Mexico.
What certifications are preferred for this role?
Preferred professional certifications include CRISC, CISA, or CISSP.
What skills make a strong candidate for this IT Controls Analyst position?
Strong candidates have solid knowledge of risk and control methodologies like COSO and COBIT, strong data analysis skills with scripting and Excel formulas, experience testing IT controls across multiple domains, and excellent project management skills.
Santander
Provides banking, investment, and insurance services
About Santander
Santander Bank provides a variety of financial services to individuals, small businesses, and large corporations in the United States. Its offerings include savings and checking accounts, loans, credit cards, and investment products. The bank also has specialized services through Santander Investment Services and insurance products via Santander Securities LLC. Santander stands out from its competitors by focusing on community growth, committing $13.6 billion to support initiatives like the 'Cultivate Small Business' program, which aids early-stage entrepreneurs, especially from underrepresented groups. The bank generates revenue through interest on loans, service fees, and commissions, while promoting responsible banking practices and financial education. Santander's goal is to empower individuals and businesses, enhance community prosperity, and provide comprehensive financial solutions.
Boston, MassachusettsHeadquarters
1902Year Founded
$75MTotal Funding
POST_IPO_DEBTCompany Stage
Fintech, Financial ServicesIndustries
10,001+Employees
Benefits
Health, dental, & vision
401k
Flexible PTO
Parental & sick leave
Discounts: technology, travel, auto, fitness, & tuition
Risks
ISO 20022 transition may challenge smaller business partners.
'Quishing' attacks pose a growing threat to consumer security.
Openbank faces competition in the U.S. high-yield savings market.
Differentiation
Santander's Openbank offers a 5.00% APY high-yield savings account nationwide.
The bank's Inclusive Communities Plan pledges $13.6 billion for community initiatives.
Santander's ISO 20022 adoption enhances operational efficiency and data management.
Upsides
Openbank's high-yield savings account attracts more U.S. customers.
Santander's renewable energy financing highlights commitment to sustainable investments.
Proactive cybersecurity measures enhance customer trust and protect digital assets.
Related Jobs
RemoteRemoteSenior IT Specialist
Spry MethodsSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteOperations Risk Lead
KalshiSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Risk Analyst - Enterprise Risk Management
DeelSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteIT Risk & Compliance Analyst
AngiSalary not specified
- Full Time
- Mid-level (3 to 4 years)