Cyber Security Analyst - SDS

WHY YOU SHOULD JOIN US

At Santander, you can be part of one of the largest transformations the World is experiencing in the past several decades. The emergence of disruptive platforms as a business model has reshaped other industries and is poised to do the same in financial services. To do so, we are transforming our Technology function, with 500+ new hires planned for this 2020.

This change is only possible with people like you, who will help us to raise the bar. We aim to bring technologists, passionate professionals who live and breathe technology, who will be constantly seeking different ways of doing things, learn a new language every year, keep old computer parts and reuse them in strange projects around the house, continually tinker with electronic gadgets of all sorts, and be considered the geekiest person around by all their friends and family. That might be a bit of exaggeration, but you get the idea of what we are looking for.

And on top of a meaningful job, we care about you. At Santander, this means creating a workplace that respects your individuality and supports you to enjoy life outside work. You will enjoy flexible working conditions, a global well-being program, BeHealthy, and will be entitled to spend a certain number of hours each month volunteering.

WHAT YOU WILL BE DOING

As a Cyber Analyst your mission will be to support cybers security in the company, participating in the definition, execution and follow up of cyber projects, controls, and business as usual activities, helping to strengthen our defenses against internal and external threats.    

We need somebody like you to help us in different fronts:

• Review Applications users modules & user lifecycle, regular recertification processes, exceptions, and approvals, in line with Santander Group policies.
• Contributing to the development, implementation, and execution of the controls: documenting and reviewing the scope and objectives associated with the Security controls.
• Supporting Internal and External Audit requests, working closely with Compliance, Audit and Risk & Control Partners to ensure actioned on a complete, accurate, and timely basis.
• Review of evidence / documents / controls to ensure required remedial action has been completed.
• Cyber technology risk management: coordinate the adoption of Cyber Framework, Cyber & Technology Risk policies and procedures ensuring that policies and procedures are compliant with regulatory requirements.
• Knowledge of Identity tools, and how to enroll applications or identities in Sailpoint, CyberArk, etc;
• Knowledge about Azure AD and Active Directory
• Knowledge about Network devices & security Devices like Firewall or IPS
• Spotting and addressing deficiencies between current and desired state of IAM related matters.
• Collaborate with other areas in the definition of roles and segregation of duties
• Ensuring compliance requirements and supporting audits in security controls.
• Collaborates across business units within the organization to ensure consistency in policies and procedures.
• Participating in the development and enhancement of the Methodologies and Standards including in the group policy

WHAT WE ARE LOOKING FOR

• Required qualifications

• Knowledge in Cyber Security in financial sector
• Support in cyber controls implementation and oversee
• Knowledge of information technology, security solutions and frameworks
• Understanding of technical and human aspects of cyber threats and security
• Ability to understand the business context and technology manage uncertainty
• Understanding of IT and Information Security solutions, processes and systems
• Strong communication skills, both written and verbal
• Strong problem solving and innovative mind-set to ensure a clear focus on the forward agenda
• Knowledge of information technology and security solutions and frameworks, such as Cyber Security Framework from NIST
• Analysis of cybersecurity events to detect and respond to threats in time. Develop continuous improvement plans that allow us to focus on the most relevant events.
• Resolution of cybersecurity incidents in a timely manner. Evaluate and improve incident response plans, as well as the development of scenarios.
• Execution of cybersecurity controls aligned with the group's strategy, seeking continuous improvement and risk mitigation.
• Manage measures to prevent data leakage.
• Support in cybersecurity event plans to detect and respond to threats in time.

• Experience
  • 5 years’ experience with Identity Management applications & Network Security Solutions (Consultant, integrator, management)
  • Experience on SOX controls (implementation and/or audit).
  • Azure & AD users and Policy Management
  • ZT Environment – Knowledge & Overview

• Skills & Knowledge in
  • Knowledge in access control implementation and monitoring.
  • Knowledge of information technology and security solutions and frameworks.
  • Experience as a compliance analyst, information risk specialist, or information technology auditor.

       Recommended

• Technical skills on Access control on different technologies (eg. Unix, linux, Windows, Oracle, SQL, RACF, OS400, etc.).
• Information security/risk management certification such as ISO27001, BS7799, ISACA, CISSP, etc.
• Experience working with any of the usual banking processes

WHAT WE OFFER YOU

• A competitive economic package
• Flexiworking
• Telecommuting
• Prime office space, with on premise gym, hairdresser, convenience store and many other amenities, including daily free lunch
• Top notch computer and office equipment at your disposal

ABOUT US

We are the Technology and Operations team for Santander Group. We are convinced of the importance of technology that is aligned with the requirements of the business and that our work not only brings value to users, people and communities but also fosters individual creativity. Our team of over 2,000 people in 7 countries (Spain, Portugal, UK, USA, Mexico, Chile and Brazil) develops and/or implements financial solutions across a broad spectrum of technologies (including Blockchain, Big Data and Angular among others) on all kinds of onpremise and cloud-based platforms

At Santander you will enjoy #TheSantanderEffect. Here, with only a small action or a simple idea, you can do great things. We offer you the advantages and the means to contribute to the progress of more than 140 million people around the world. These are the key factors that multiply the actions of all our employees:

• Meaningful Impact - Where the effect of your work makes a difference and helps people to prosper
• Personal and Professional Growth - The chance to develop through world-class training, challenging work, and different roles
• Respect - Be part of an organization that cares – about its people, its wider community, and the environment
• Co-worker quality - Work with inspiring professionals who are leaders in their field

If you want to know more about us, follow us on https://es.linkedin.com/company/banco-santander