Security Architect

Santander Group is the leading bank that, through more than 160 years of reinvention, has become a borderless organization with a presence in over 40 countries, 95 nationalities, and multicultural teams that share 4 languages. What matters most to us are our customers, employees, shareholders, and society, as part of our mission to contribute to the progress of people and businesses, always acting in a Simple, Personal, and Fair manner.

Objective: Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.

Functions:

• Analyze business needs and requirements to plan security architecture.
• Conduct risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications.
• Conduct Privacy Impact Assessments (PIAs) of the application’s security design for the appropriate security controls, which protect the confidentiality and integrity of Personally Identifiable Information (PII).
• Analyze candidate architectures, allocate security services, and determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
• Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to the Bank (Public, Internal, Confidential, Restricted-Confidential, Secret)
• Define appropriate levels of system availability based on critical system functions and ensure that system requirements identify appropriate disaster recovery and continuity of operations requirements to include any appropriate fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recover/restoration.
• Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture standards, regulatory requirements, and security policies. Require and review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network, and develop a security risk management plan for the information system.
• Validate specifications and requirements for testability.
• Coordinate with systems architects and developers, as needed, to provide oversight in the development and implementation of design solutions.
• Design, document and update security standards.
• Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
• Prepare use cases to justify the need for specific security solution

Knowledge:

Knowledge of access authentication methods, applicable business processes and operations of customer organizations, application vulnerabilities, authentication, authorization, and access control method, computer networking concepts and protocols, and network security methodologies, how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).

At Banco Santander, we strive to provide the best experience during your process. If you require any reasonable accommodations or support, please share this with the team.