Sr. Specialist, Information Security

It Starts Here:

Santander is a global leader and innovator in the financial services industry and is evolving from a high-impact brand into a technology-driven organization. Our people are at the heart of this journey and together, we are driving a customer-centric transformation that values bold thinking, innovation, and the courage to challenge what’s possible.  This is more than a strategic shift.  It’s a chance for driven professionals to grow, learn, and make a real difference.

If you are interested in exploring the possibilities We Want to Talk to You!

The Difference You Make:

The Sr. Specialist, Information Security is responsible for developing, implementing, and maintaining information security standards, policies, and procedures to protect the organization’s systems, networks, and data. This role provides tactical security guidance, evaluates emerging technologies, and ensures appropriate controls are in place to safeguard critical infrastructure. The incumbent plays a key role in risk management, security operations, IAM governance, and audit support, while working closely with global teams to ensure alignment with enterprise security strategies.

Key Responsibilities:

• Promote security awareness across the organization through training, communications, and engagement initiatives.
• Develop, enhance, and enforce information security policies, standards, and procedures aligned with industry frameworks and regulatory requirements.
• Collaborate with global teams to support Business-As-Usual (BAU) security operations, ensuring consistent execution of security controls and processes.
• Perform independent, hands-on risk assessments across internal systems and third-party/vendor platforms, covering Information Security, Business Continuity, and compliance risks.
• Identify, assess, and communicate control gaps; recommend and track remediation actions across business and technology teams.
• Support internal and external audits by providing evidence, documentation, and control validation; partner with stakeholders to remediate audit findings.
• Develop and maintain risk management strategies for new and existing services in collaboration with business stakeholders.
• Monitor security measures and respond to incidents, including security breaches, vulnerabilities, and cyber threats.
• Provide reporting, dashboards, and metrics to track risk posture, control effectiveness, and operational performance.
• Stay current with evolving threats, regulatory requirements, and industry best practices.

Identity & Access Management (IAM) Responsibilities:

• Support IAM operations including user provisioning, deprovisioning, role management, and access reviews.
• Manage and monitor access controls across systems, applications, and cloud environments following least privilege principles.
• Perform user access certifications (UARs) and periodic reviews to ensure compliance.
• Assist in Privileged Access Management (PAM) processes, including privileged account monitoring and controls.
• Investigate and resolve access-related issues and security incidents.
• Support IAM governance, including policy enforcement, segregation of duties (SoD), and compliance alignment.
• Collaborate with application owners and business teams to define and implement role-based access controls (RBAC).
• Contribute to IAM-related audit activities by providing evidence and ensuring control effectiveness.
• Identify opportunities to automate IAM processes using scripting or tools.

Education:

• Bachelor’s Degree in a related field or equivalent experience.

Qualifications:

• 3+ years of experience in Information Security, IT Risk, Governance, Audit, or related fields.
• Strong understanding of security frameworks, compliance (PCI, etc.), and risk management practices.
• Experience working in security operations or BAU environments within global teams.
• Knowledge of network protocols, operating systems, and cloud environments.
• Experience with security automation or scripting (Python, Ruby, or similar).
• Strong analytical skills in data aggregation, logging, and security monitoring.
• Ability to support and respond to cybersecurity incidents and investigations.
• Experience supporting audits and regulatory assessments, including evidence gathering and remediation tracking.
• Strong communication skills with the ability to explain technical concepts to non-technical stakeholders.
• Ability to manage multiple initiatives and drive execution in a fast-paced environment.
• Strong leadership and collaboration skills.

Certifications:

• No Certifications listed for this job.

It Would Be Nice For You To Have:

• Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education.

• Experience with Identity & Access Management (IAM) tools and processes.
• Knowledge of Privileged Access Management (PAM) solutions.
• Familiarity with RBAC models, access governance, and SoD controls.
• Experience in business process reengineering and cross-functional project delivery.
• Understanding of emerging security trends and technologies.

Work Authorization & Sponsorship:
Applicants must be legally authorized to work in the United States on a full-time basis without requiring employer sponsorship to commence employment.

What Else You Need To Know:

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Base Pay Range:

Minimum:

Maximum:

Risk Culture:

We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

EEO Statement:

At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions:

Frequent minimal physical effort such as sitting, standing and walking is required for this role. Depending on location, occasional moving and lifting light equipment and/or furniture may be required.

Employer Rights:

This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate your employment at any time for any reason.

What To Do Next:

Review the internal eligibility guidelines here. If this sounds like a role you are interested in, then please apply.

We are committed to providing an inclusive and accessible application process for all candidates. If you require any assistance or accommodation due to a disability or any other reason, please contact us at TAOps@santander.us to discuss your needs.