Hardening & CSPM (Cloud Security Posture Management )Lead

About The Position

Requirements

• Bachelor's Degree or equivalent work experience: Computer Science, Engineering or Information Technology Management, or equivalent field. - Required.
• 5+ years of experience in systems administration, IT operations, or information security roles.
• Hands-on involvement in implementing or monitoring security configuration baselines (e.g., CIS Benchmarks).
• Practical experience performing compliance checks, identifying misconfigurations, and coordinating remediation activities.
• 1+ year of direct experience with Cloud Security Posture Management (CSPM) tools and cloud platform hardening.
• Experience interacting with cross-functional teams such as system administrators, software delivery, audit, or compliance.
• Demonstrated track record of ownership and accountability in operational security tasks.
• Proven experience in system administration or IT operations, with a strong understanding of system configuration and security.
• Practical experience with CIS Benchmarks , including hardening of IT assets and cloud platforms.
• Hands-on experience with Cloud Security Posture Management (CSPM) tools such as Sysdig, Wiz, or equivalent.
• Familiarity with compliance and vulnerability management platforms (e.g., Tenable, Qualys).
• Ability to analyze, troubleshoot, and resolve technical and compliance-related issues.
• Strong critical thinking and problem-solving skills, with the ability to handle ambiguity.
• Excellent collaboration and communication skills; able to work effectively across teams and with external stakeholders.
• Strong sense of ownership and accountability .
• Proactive and resourceful; able to anticipate issues and take initiative.
• Collaborative mindset, with the ability to build trust and drive results across teams.
• Detail-oriented and methodical, ensuring accuracy in compliance assessments.
• Comfortable operating in a fast-paced environment with shifting priorities.
• Spanish proficiency is a strong plus.

Nice To Haves

• Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education.
• Experience in Microsoft Office products.
• Prior experience coordinating with audit and risk management functions.-Preferred
• Exposure to cross-functional security areas such as Application Security or Vulnerability Management.-Preferred

Responsibilities

• Lead the technical execution and supervision of the Hardening Compliance function, covering both on-premises systems and cloud platforms.
• Oversee the planning, execution, and monitoring of hardening controls and CSPM controls for IT and cloud assets.
• Act as a hands-on contributor , directly performing compliance checks and remediation activities when needed.
• Coordinate with system administrators, delivery teams, auditors, and Risk & Compliance stakeholders to ensure alignment and accountability.
• Investigate anomalies (e.g., drops in compliance scores) to differentiate between false positives and true configuration issues before requesting remediation.
• Ensure controls and processes remain aligned with regulatory requirements, internal policies, and CIS Benchmarks (including cloud benchmarks).
• Lead efforts to optimize and streamline semi-manual processes, with the goal of improving efficiency and scalability.
• Serve as the primary technical point of contact for escalations within the Hardening Compliance and CSPM functions.

Benefits

• Santander Benefits - 2025 Santander OnGoing/NH eGuide (foleon.com)