Third-Party Cyber Risk Manager
HumanaSalary not specified
Full Time
Mid-level (3 to 4 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Banking, Financial ServicesIndustries
Requirements
- ~5–8 years in cybersecurity risk, technology risk, cyber audit or 2LoD/3LoD roles in financial services or other highly regulated environments. (Required)
- Bachelor’s in Computer Science, Engineering or related. (Required)
- Master’s a plus. (Preferred)
- Professional certifications: CISA, CISM, CRISC, CISSP; plus cloud security (AWS/Azure/GCP). (Required)
- Fluent English. (Required)
- Technical expertise in many of: IAM, network & firewall management, vulnerability/patch management, cloud security architecture, secure SDLC & containerization, encryption/tokenization, DLP, security logging & monitoring, incident detection & response, and offensive security understanding
- Frameworks & practices: NIST CSF, ISO 27001/22301, COBIT, SOC 2/ISAE 3000, OWASP; proven experience executing cyber risk oversight programs in 2LoD/3LoD
- Strong risk judgment and documentation quality; ability to coordinate across teams, influence
Responsibilities
- Lead 2LoD review & challenge of cybersecurity risk assessments, control evaluations, risk metrics, mitigation plans and risk acceptances; synthesize into clear risk opinions for senior stakeholders
- Run targeted risk reviews of priority domains (e.g., IAM, network/firewall, vulnerability & patch management, cloud security, AppSec/containers, encryption/tokenization, DLP, logging/monitoring, incident response/SOC); track remediation to closure
- Provide independent oversight on digital transformation and business change, assessing cyber risk impacts and required controls from design to go-live
- Strengthen third-party/critical services risk management: certify services/vendors, challenge inherent risk scoring, assign residual risk ratings, and monitor remediation
- Analyze cyber risk data (incidents—internal/external, KRIs, control gaps, risk register) to identify patterns, concentrations, and emerging hotspots
- Evolve and transpose policies/frameworks to steer safe technology adoption; align to industry standards
- Prepare clear, decision-ready governance reporting for committees and working groups; escalate issues with urgency and evidence
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What is the location for this role?
The position is based out of Boadilla (Madrid), Spain.
What is the required professional experience for this position?
The role requires approximately 5–8 years of professional experience.
What salary or compensation does this role offer?
This information is not specified in the job description.
What is the company culture like at Santander?
Santander embraces a strong risk culture where professionals at all levels take a proactive and responsible approach toward risk management, values bold thinking, innovation, collaboration, and empowering individuals.
What skills and responsibilities are key to succeeding in this role?
Success requires leading 2LoD reviews of cybersecurity risk assessments, running targeted risk reviews in domains like IAM and cloud security, providing oversight on digital transformation, strengthening third-party risk management, and preparing governance reporting.
Santander
Provides banking, investment, and insurance services
About Santander
Santander Bank provides a variety of financial services to individuals, small businesses, and large corporations in the United States. Its offerings include savings and checking accounts, loans, credit cards, and investment products. The bank also has specialized services through Santander Investment Services and insurance products via Santander Securities LLC. Santander stands out from its competitors by focusing on community growth, committing $13.6 billion to support initiatives like the 'Cultivate Small Business' program, which aids early-stage entrepreneurs, especially from underrepresented groups. The bank generates revenue through interest on loans, service fees, and commissions, while promoting responsible banking practices and financial education. Santander's goal is to empower individuals and businesses, enhance community prosperity, and provide comprehensive financial solutions.
Boston, MassachusettsHeadquarters
1902Year Founded
$75MTotal Funding
POST_IPO_DEBTCompany Stage
Fintech, Financial ServicesIndustries
10,001+Employees
Benefits
Health, dental, & vision
401k
Flexible PTO
Parental & sick leave
Discounts: technology, travel, auto, fitness, & tuition
Risks
ISO 20022 transition may challenge smaller business partners.
'Quishing' attacks pose a growing threat to consumer security.
Openbank faces competition in the U.S. high-yield savings market.
Differentiation
Santander's Openbank offers a 5.00% APY high-yield savings account nationwide.
The bank's Inclusive Communities Plan pledges $13.6 billion for community initiatives.
Santander's ISO 20022 adoption enhances operational efficiency and data management.
Upsides
Openbank's high-yield savings account attracts more U.S. customers.
Santander's renewable energy financing highlights commitment to sustainable investments.
Proactive cybersecurity measures enhance customer trust and protect digital assets.
Related Jobs
RemoteRemoteOperations Risk Analyst
KalshiSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteStaff Cyber Risk Analyst
GE HealthcareSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteVP of Department of Defense
OddballSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteIT Risk & Compliance Analyst
AngiSalary not specified
- Full Time
- Mid-level (3 to 4 years)
RemoteTechnical Accounting and Financial Reporting Manager
Self FinancialSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteCybersecurity Consultant / vCISO
Strata Information GroupSalary not specified
- Full Time
- Senior (5 to 8 years)