.. quality of care to patients and their families, we would like to hear from you! Benefits: Actual Work/Life Balance Competitive Pay Benefits Package including Medical, Dental, and Vision insurance Paid Time Off 401k plan with employer match and 100% vesting after 90 days of employment A culture with an .. read more
Overview:
The Sr. Associate for Information Risk Management is responsible for the strategic development, implementation, and effective execution of activities in the Information Risk Management (IRM) program. The key program elements of which cover include internal loss, external loss, risk assessment, business impact assessments, KRIs, scenario analysis / stress testing, awareness, and communication, issues and remediation planning, tracking, MIS and reporting, testing, compliance, and monitoring.
Functions:
• Conducts End-to-End Risk Assessments for IT Processes to identify gaps in control design or operational effectiveness and to recommend establishing controls necessary to mature the existing processes • Analyzes, measures performance, monitors trends, defines limits according for Santander Consumer USA IRM Risk exposures in accordance to Risk Appetite. • Assist in the ongoing oversight of IRM as part of the established Operational Risk (OR) Framework in support of the first line of defense. • Contributes to escalation, reporting, communication to Risk Governance Forums. • Helps drive culture of risk awareness. • Supports the creation, management, and development of IRM program strategy, policies and models within the Santander Consumer USA to reduce risk for technology operations and Information and Cyber Security.
Requirements:
• Bachelor's Degree: Business, Finance, Management, or equivalent field. • or equivalent work experience • Experience - • 8+ years Risk Management or Governance, Risk and Compliance (GRC) • 8+ years combined in Information Technology, Cyber or Information Security • 3-6 years Financial Services industry • Review and analysis of security-related configuration and hardening standards for Windows, ESX, and RedHat servers, Windows laptops/desktops, SQL Server database and network technologies within the enterprise. • Reviewing configuration and policies of Information Security Scanning Tools covering operating systems and databases. • Review and challenge compliance metrics published by corporate-wide audience and prepare conclusions for review by ORM (Operational Risk Management) and senior management. • Review and verify compliance with Information Security related standards and process documentation (e.g. End User Computing and Macro Governance) • Supporting internal and external audit exercises. • Regulatory Knowledge: Gramm-Leach Bliley Act (GLBA), Sarbanes-Oxley (SOX), OCC Heightened Standards, FFIEC Guidelines, NYDFS, GDPR
Skills and Abilities:
• Strong operational risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment. • Ability to independently operate in a complex, matrixed environment; adept at delivering and maintaining productive working relationships across business, functions, geographies and lines of defense • Advanced technology or operational risk, process, and control validation and/or assessment skills. • Ability to handle conflict resolution with other groups to ensure appropriate accounting guidance is followed. • Ability to adjust to new developments/changing circumstances. • Ability to convey a sense of urgency and drive issues/projects to closure. • Ability to effectively interact with the market, executive management and vendors. • Ability to adapt and adjust to multiple demands and competing priorities. • Excellent written and oral communication skills. • Excellent analytical, organizational and project management skills. • Strong project management skills.
Required Skills : Basic Qualification : Additional Skills : Background Check :Yes Drug Screen :Yes Notes : Selling points for candidate : Project Verification Info : Candidate must be your W2 Employee :No Exclusive to Apex :No Face to face interview required :No Candidate must be local :No Candidate must be authorized to work without sponsorship :Yes Interview times set : :No Type of project :Other Project Type Master Job Title :VMS Access Entry Branch Code :Boston
The Sr. Associate for Information Risk Management is responsible for the strategic development, implementation, and effective execution of activities in the Information Risk Management (IRM) program. The key program elements of which cover include internal loss, external loss, risk assessment, business impact assessments, KRIs, scenario analysis / stress testing, awareness, and communication, issues and remediation planning, tracking, MIS and reporting, testing, compliance, and monitoring.
Functions:
• Conducts End-to-End Risk Assessments for IT Processes to identify gaps in control design or operational effectiveness and to recommend establishing controls necessary to mature the existing processes • Analyzes, measures performance, monitors trends, defines limits according for Santander Consumer USA IRM Risk exposures in accordance to Risk Appetite. • Assist in the ongoing oversight of IRM as part of the established Operational Risk (OR) Framework in support of the first line of defense. • Contributes to escalation, reporting, communication to Risk Governance Forums. • Helps drive culture of risk awareness. • Supports the creation, management, and development of IRM program strategy, policies and models within the Santander Consumer USA to reduce risk for technology operations and Information and Cyber Security.
Requirements:
• Bachelor's Degree: Business, Finance, Management, or equivalent field. • or equivalent work experience • Experience - • 8+ years Risk Management or Governance, Risk and Compliance (GRC) • 8+ years combined in Information Technology, Cyber or Information Security • 3-6 years Financial Services industry • Review and analysis of security-related configuration and hardening standards for Windows, ESX, and RedHat servers, Windows laptops/desktops, SQL Server database and network technologies within the enterprise. • Reviewing configuration and policies of Information Security Scanning Tools covering operating systems and databases. • Review and challenge compliance metrics published by corporate-wide audience and prepare conclusions for review by ORM (Operational Risk Management) and senior management. • Review and verify compliance with Information Security related standards and process documentation (e.g. End User Computing and Macro Governance) • Supporting internal and external audit exercises. • Regulatory Knowledge: Gramm-Leach Bliley Act (GLBA), Sarbanes-Oxley (SOX), OCC Heightened Standards, FFIEC Guidelines, NYDFS, GDPR
Skills and Abilities:
• Strong operational risk management principles, methodologies and tools, governance principles and activity preferably in a financial services technology environment. • Ability to independently operate in a complex, matrixed environment; adept at delivering and maintaining productive working relationships across business, functions, geographies and lines of defense • Advanced technology or operational risk, process, and control validation and/or assessment skills. • Ability to handle conflict resolution with other groups to ensure appropriate accounting guidance is followed. • Ability to adjust to new developments/changing circumstances. • Ability to convey a sense of urgency and drive issues/projects to closure. • Ability to effectively interact with the market, executive management and vendors. • Ability to adapt and adjust to multiple demands and competing priorities. • Excellent written and oral communication skills. • Excellent analytical, organizational and project management skills. • Strong project management skills.
Required Skills : Basic Qualification : Additional Skills : Background Check :Yes Drug Screen :Yes Notes : Selling points for candidate : Project Verification Info : Candidate must be your W2 Employee :No Exclusive to Apex :No Face to face interview required :No Candidate must be local :No Candidate must be authorized to work without sponsorship :Yes Interview times set : :No Type of project :Other Project Type Master Job Title :VMS Access Entry Branch Code :Boston