US Head of Cyber Operations - Director

The US Head of Cyber Operations Director oversees various elements of the Cybersecurity program, including monitoring events, gathering threat intelligence, conducting threat hunting, managing incident response, and preventing insider threats and data leaks. This individual manages several team members and reports directly to the Chief Information Security Officer, playing a crucial role in safeguarding the security of Santander US.

Responsibilities:

• Assess risk, identify business threats, and evaluate security program capabilities to create a security operations strategy aimed at continuously achieving specified security outcomes while reducing risk.
• Manage response, triage, and recovery efforts for Information Security incidents affecting the Company’s IT assets.
• Address and oversee security events, engage in security investigations, and utilize tools to report incident outcomes to senior management.
• Perform real-time security incident management and tracking (e.g., forensic collections, intrusion correlation/tracking, threat analysis, direct system remediation) to support the Incident Response Team.
• Proactively assess and enhance preventative and detective capabilities, both on-premises and in the cloud.
• Develop collaborative relationships with IT Infrastructure teams to build and deploy security event detection and incident response (IR) measures.
• Coordinate response procedures across Legal, HR, IT, and Global departments, and provide incident communications during cybersecurity events.
• Create standard operating procedures in collaboration with Global cyber operations leadership to enhance security operations, improve response capabilities, and meet global compliance requirements.
• Work with legal partners to ensure that forensic and employee relations investigations comply with legal standards.
• Collaborate with examiners and auditors during technology examinations, gathering information and addressing findings.

Education:

• Bachelor's Degree or equivalent work experience: Computer Science, Engineering or Information Technology Management, or equivalent field.
• Master's Degree Computer Science, Engineering or Information Technology Management, or equivalent field. Pref

Work Experience:

• 9+ Years Experience in information security, governance, IT audit, or risk management.

Skills and Abilities:

• Prior experience managing cyber operations functional areas and teams including hands-on experience with key tooling including Splunk and Resilient.
• Comfortable working with executive and technical leadership around the company to inform on cyber threats and discreetly handle sensitive matters.
• Strong general technology background
• Strong leadership skills and the ability to lead by example
• Ability to drive execution of aggressive goals through effective planning, prioritization, resource management and follow through.
• Advanced networking and operation tools (i.e. – Log management, Firewall management, SIEM, etc...).
• Demonstrated experience with information security frameworks
• Ability to manage multiple, ongoing initiatives
• Strong communications skills
• Ability to foresee industry trends
• Ability to maintain and implement best practices within field
• High level understanding of Information Security threats and maintenance
• Demonstrated understanding of technological trends and developments in the areas of information security, risk management, web architectures, and cloud computing.
• Demonstrated ability to frame security and risk-related concepts to both technical and nontechnical audiences.
• Experience working with business process reengineering and IT solutioning; experience working on project teams bringing together both business & technology. Capable of explaining technical concepts to a non-technical audience.
• Demonstrated experience in handling cyber incidents and response in similar critical environments
• Proficient in preparation of reports, dashboards, and documentation
• Advanced knowledge of network protocols and operating systems

Diversity & EEO Statements: At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.

Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions: Frequent Minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.

Employer Rights: This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.