Manager, IT RCSA

Company: Santander Holdings USA Inc
Location: Miami
Posted on: January 27, 2023

Job Description:

Manager, IT RCSA

Miami, United States of America

WHAT YOU WILL BE DOING

The Manager, IT RCSA operates within the first line of defense and is accountable leading the Business Control & Risk Management (i.e., Information Technology Risk and Control Self-Assessment) team in the oversight and governance of Business Line (IT) execution against the Enterprise Risk Management Framework. The Manager will manage a team that works to identify, assess and test various Information Technology (IT) risks and controls through the defined risk program requirements. The Manager will oversee the evaluation of key IT processes, review internal control/quality reports and participate in risk initiatives and lead opportunities for improved efficiency, effectiveness and/or efforts to reduce exposure to top/material business risks. S/he supports and monitors IT's adherence with corporate policies and procedures including regulatory/legal obligations.

The Manager provides leadership within the Business Control & Risk Management team(s) and IT and must be able to effectively lead and collaborate with various stakeholders while influencing strategic goals.

Monitors activities to minimize the company's exposure to risk. Activities may include quantitative analysis, risk identification and remediation. Represents or supports the reputation of the company to minimize compliance and regulatory risk by resolving issues and ensuring adherence to company and legal standards. Responsible for ensuring that all IT activities adhere to the necessary rules and regulations, and that the company complies with legal/regulatory statutes and jurisdictions.

Responsibilities:

• Drive Risk Culture: Establishes expectations, ownership and accountability for risk management within the Business Line (IT). Ensure awareness in the Business Line (IT) of risk frameworks, policies and standards.
• Communication & Training: Act as central point of contact for receipt and distribution of risk related information between SLoD risk teams and Business Line (IT). Maintain two-way communications with SLoD. Facilitate training for Business Line (IT) to provide awareness of risk frameworks, policies, programs, processes, etc.
• Adherence to Risk Frameworks, Policies, and Standards: Partner with SLoD to provide input/review of frameworks, policies and standards. Facilitate Business Line (IT) awareness of and adherence to risk frameworks, policies, and standards through internal control testing and issue validation. Report and escalate exceptions and facilitate Business Line (IT) corrective actions.
• Continuous Monitoring: Continuously monitors all sources of risk existing within the Business Line (IT) and externally. Engage in research, peer networking, and experience to anticipate critical risk issues impacting the Business Line (IT). Monitor Key Risk Indicators and report on negative/adverse trends in Business Line (IT). Monitor risk profile to maintain tolerance within Risk Appetite.
• Issue Identification, Management, and Risk Assessment: Conduct IT RCSA responsibilities including Process Mapping, Risk & Control Matrices, Inherent Risk Assessments, and IT Control testing.
• Engage and hold Business Line (IT) process owners accountable to identify and assess risks.
• Support Business Line (IT) in risk identification. Ensure all issues pertaining to the Business Line (IT) are resolved within established timelines. Validate issues to ensure Business Line (IT) remediation is sufficient to address root cause and prevent recurrence.
• Internal Control Testing: Implement and maintain internal control testing and control effectiveness monitoring in the Business Line (IT). Validate the adequacy of controls, escalate deficiencies as appropriate. Identify root causes of control deficiencies/weaknesses and take appropriate action to ensure Business Line (IT)s remediate and prevent recurrence.
• Exam Management: Liaison with the Business Line (IT) for all exam related activities including regulatory, Internal Audit, etc. Review materials, responses and validate Business Line (IT) remediation work (e.g., artifacts, action plans, etc.) Qualifications:
  
  To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  
  Education:
  • Bachelor's Degree or equivalent work experience in Information Technology, Business, Risk Management, or equivalent field. (Req)
  • Master's Degree in Information Technology, Business, Risk Management, or equivalent field. (Pref) Licenses & Certifications -
    • Preferred Professional Certification such as CRISC, CISA, CISSP Work Experience:
      • 10+ years within IT Audit or IT RCSA programs. Previous management experience managing small teams Skills and Abilities:
        • Through the execution of a defined risk and controls self-assessment program analyzes, evaluates, and provides strategic guidance and direction for programs, policies, and procedures to ensure alignment with regulatory requirements and acceptable risk mitigation practices.
        • Experience Independently developing and documenting test procedures and/or documenting recommendations for test plan modifications that improve validation of control objectives. Test procedure development may cover a wide range of technically diverse topics ranging from IP Network Discovery, access management, network security/operation, vulnerability management, Information Security, SDLC, Backup and others. Should have extensive experience testing IT controls across multiple IT domains and evaluating both automated and manual controls. related to Information Security or IT infrastructure domains.
        • Ability to work on multiple concurrent assessments.
        • Ability to work under pressure and meet deadlines.
        • Strong risk assessment, negotiation and problem resolution skills.
        • Strong collaboration and relationship management skills.
        • Self-starter, able to establish relationships and transcend multiple cross-functional/divisional boundaries, largely unaided.
        • Proven ability to apply strategic thinking to multiple, complex organizational and business issues, and has ability to translate into practical plans for project execution.
        • Project management skills.
        • Knowledge and working understanding of additional auditing standards, theories, concepts, and terms (including Sarbanes-Oxley, COBIT and the COSO Integrated Control Framework).
        • High sense of urgency with ability to drive results.
        • Must be able to "hit the ground running".
        • High proficiency in PowerPoint, Word and Excel.
        • Excellent verbal and written communication/presentation skills. Diversity & EEO Statements: At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.
          
          Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.
          
          Working Conditions: Frequent Minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.
          
          Employer Rights: Employer Rights: This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.
          
          English
          
          Primary Location: Miami, Florida, United States of America
          
          Other Locations: Florida-Miami
          
          Organization: Santander Consumer USA Inc.
          
          

Keywords: Santander Holdings USA Inc, Miami , Manager, IT RCSA, Executive , Miami, Florida