Sr. Associate, Information Security Designs, analyzes and supports the company's information technology structure, systems and processes. Acquires, designs, implements and operates the company's information technology resources (e.g., computer hardware, operating systems, communications, software applications, data, databases, etc.). Deploys, acquires, maintains and ensures security of information technology assets. Plans and tests processes to ensure compliance with system requirements, business objectives, security standards and other technical requirements.
Essential Functions/Responsibility Statements:
Provides direction and acts as an escalation point on projects and issues to other team members.
Interacts with partners as needed to explain work product, security techniques, methodology and results to ensure appropriate business value.
Acts as senior resource for incident response related activities. Collaborates with technical teams for security incident remediation and communication.
Acts as influencer of peers and management.
Oversees management and deployment of security infrastructure including Vulnerability Management, WAF, Network Monitoring, Logging correlation, DDOS prevention and IPS/IDS.
Provides technical security consulting support to address complex business and technology projects and requests.
Contributes to strategic planning to evaluate, deploy or update security technologies.
Analyzes and implements security solutions to meet customer requirements.
Conducts risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems.
Promotes cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting.
Allocates and prioritizes security resources efficiently within the organization managing both resources and budgets.
Conducts security research on threats and remediation methods.
Develops and maintains a set of operational and forward looking security metrics.
Oversees daily monitoring of security reports to identify issues and follow these issues to resolution.
Oversees security projects and the security testing of new and existing applications.
Prepares system security reports by collecting, analyzing, and summarizing data and trends; presents reporting for management review.
Creates process improvement by identifying inefficiencies and solutions for process improvements.
Writes clear implementation guidelines for the implementation engineers.
Guides and confirms that the design has been implemented as per the requirements.
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education: Bachelor's Degree or equivalent work experience: Computer Science, Engineering or Information Technology Management, or equivalent field.
Work Experience:
9+ Years Experience in IT Security.
5+ Years Experience with CheckPoint, Palo Alto, FireEye, Imperva, Security Center, Splunk.
5+ Years Strong knowledge of PCI, SOX, ISO and NIST security standards.
5+ Years Experience with managing enterprise security projects.
5+ Years Experience with penetration testing.
Skills and Abilities:
Knowledge of risk assessment tools, technologies, and methods.
Experience planning, researching and developing security strategies, standards, and procedures.
Ability to work cooperatively in a team environment.
Strong understanding of security, incident response and/or networking/PC concepts.
Proven ability to understand and analyze complex issues, then apply experience and judgment to develop sound recommendations especially as related to malware, eDiscovery, current threats/attacks and/or vulnerability management.
Ability to communicate concisely, effectively and directly to executive management.
Proven relationship building skills working with mid to senior level management and cross-functional teams; strong understanding of risks; additional focus on leadership; strong interpersonal skills; delivers precise, accurate results to meet commitments; mentors other team members.
Demonstrated presentation development; tailors message as needed; comfortable presenting to all levels; strong writing skills; demonstrates creativity in articulating messages that support recommendations.
Diversity & EEO Statements: At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.
Working Conditions: Frequent minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.
#J-18808-Ljbffr