Technology Controls Tester

company banner
Santander Holdings USA, Inc.
Tester, Risk Management, Test, CISSP, Security, Network, CCNA, IP, SDLC, Windows, IT, Testing
Full Time

Job Description

Technology Controls Tester - 2001985


The Sr Associate, Business Control & Risk Management provides centralized support through internal process review, quality audits, and testing to ensure operational risks are appropriately identified and controls are working as designed. As a first line of defense, s/he tests business processes and controls, identifies gaps within processes, tracks error trends and documents results in appropriate operational system. The Specialist, Business Control identifies, responds and/or escalates risks as appropriate.

Essential Functions:
  • Annually, execute Risk and Control Self-Assessment (RCSA) program in accordance with enterprise methodology.
  • Acts as a liaison with Risk and Compliance or second line of defense- to develop and implement new policy requests/revisions, to complete all line of business related risk assessments, risk mandates, continuity plans, resolution plans and execution.
  • Analyzes, evaluates and provides strategic guidance and direction for programs, policies and procedures to ensure alignment with regulatory requirements and acceptable risk mitigation practices.
  • Test appropriate controls and procedures reflecting the standards set forth in the policies and Regulations while accounting for risks inherent in the products, services, types of customers, locations of customers, and functions of the Business Unit.
  • Lead teams during the field work in testing the design of the controls and operating effectiveness of the controls.
  • Develops implements and monitors compliance program and controls for the assigned area. Identifies gaps in controls, proposes solutions, and implements corrective actions,
  • Documents, evaluates and, where appropriate, improves policies, practices and procedures.
  • Assists with developing, managing and enforcing standard processes, tools, protocols, audit requests with internal and external stakeholders to meet project objectives.
  • Acquires and applies a developing understanding of risk and control issues within the business.
  • Looks for process improvements and efficiencies and makes recommendations to improve policy and procedures.
  • Reports to management on regulatory developments and risks/issues identified within assigned technology area. Regularly provides reports/updates to management team on progress.



Education & Certification -
  • Bachelor's Degree or equivalent work experience
  • CISA/CISSP/CRISC/Security+, Network +, or CCNA Certification (at least one certification desired)

Experience and Technical Skill-
    • 5-7 years Risk Management or equivalent experience
    • Data Analytics

      Skills & Abilities -
  • Prior experience with Risk and Control Self-Assessment (RCSA) / Cyber-risk assessment / Cyber security assessment / SOX testing is required.
  • Develop and document test procedures and/or document recommendations for test plan modifications that improve validation of control objectives. Test procedure development may cover a wide range of technically diverse topics ranging from IP Network Discovery, access management, network security/operation, vulnerability management, Information Security, SDLC, Backup and others.
  • Knowledge and understanding of basic concepts of technology areas across municipal technology platforms including Windows, LINUX, Network and IT Operations, and Virtualization to assess and test technology/info sec controls. (Must be knowledgeable in at least few of these areas).
  • Data analysis skills and ability to develop scripts to gather data required for control testing/assessment. Automate Testing procedure where possible.
  • Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level testing. Obtain, review, and interpret evidence provided to validate controls are performed effectively and identify vulnerabilities, gaps, or control deficiencies . Identify risks associated with control failures and supports the identification of mitigating controls .
  • Ability to accurately document control testing results in sufficient details.
  • Big 4 experience is desired.
  • Excellent presentation, interpersonal, written and verbal communication skills.
  • Foundational understanding of regulations including internal controls, Sarbanes-Oxley (SOX), SOC, PCI, GLBA, and NYDFS compliance.
  • Knowledgeable in applicable frameworks including NIST Cybersecurity Framework, COBIT, COSO, ITIL, etc.
  • Strong process facilitation, project management, and analytical skills.
  • Understanding of the products/services, systems, and associated risks/controls.
  • Knowledge of Risk/Compliance/Audit competencies.
  • Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations.


At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.

Job: Business Control

Primary Location: Massachusetts-Dorchester-2 Morrissey Boulevard - 06367 - Columbia Park-Corp

Organization: Technology (5900)

Schedule: Full-time

Job Posting: Jul 16, 2020, 6:21:49 PM


Company Information

Santander N.A. offers a one-of-a-kind opportunity to learn and grow, while building genuine relationships with coworkers and making an impact through innovative work that you do. Our technology teams within Santander Bank and Santander Consumer USA support the development, implementation and ongoing maintenance of all corporate and consumer-centric systems. These teams have the expertise and commitment to develop high-quality solutions to meet the needs of a fast-paced and complex operating environment. Santander Bank, which is headquartered in Boston, serves the Northeast and brings simplified, personal banking to everyone in the region. Right now, we're at over 10,000 employees, and when you bring your bright ideas and go-getter attitude to our team, you'll have the chance to build on our success and take your career to the next level. Santander Consumer USA (NYSE: SC) is based in Dallas and has additional locations in Fort Worth, Denver and Mesa, AZ. As one of the fastest-growing companies in the automotive finance sector, we offer an environment with an entrepreneurial spirit that’s driven by technology. We currently have more than 5,000 employees who help us manage over $52 billion in assets.
Dice Id : 10187888
Position Id : 2001985
Originally Posted : 3 months ago

Similar Positions at Santander Holdings USA, Inc.

Desktop Engineer
  • Dallas, TX
  • 2 days ago