Banco Santander Brazil - Boston, MA
posted 13 days ago
The Senior Associate, Cloud Risk Management is responsible for the strategic development, implementation, and effective execution of the Operational Risk (OR) program, the key program elements of which cover: internal loss, external loss, risk assessment, business impact assessments, KRIs, scenario analysis / stress testing, training, awareness, and communication, issues and remediation planning, tracking, MIS and reporting, testing, compliance, and monitoring. Monitors activities to minimize the company's exposure to technology and information risk associated with the adoption and deployment of cloud technologies. Activities may include technical risk analysis, risk identification and remediation. Represents or supports the reputation of the company to minimize compliance and regulatory risk by resolving issues and ensuring adherence to regulatory requirements, industry good practice frameworks and company and legal standards. Responsible for ensuring that all of the company's activities adhere to the necessary rules and regulations, and that the company complies with legal/regulatory statutes and jurisdictions. The Senior Associate, Cloud Risk Management within the Technology and Information Risk Management organization reports to the Director - Emerging Technology Risk and is responsible for ongoing oversight, assessment, management and reporting of technology and cybersecurity risks associated with the adoption and implementation of Cloud, across all operating entities. This role is established in the second line of defense and requires collaboration across IT, CISO, Data Office, Operational Risk, Internal Audit and other relevant functional stakeholders within the organization in the management of Emerging Technology risks. An excellent understanding of the evolving regulatory landscape in the US and EU are vital for success in this role. The day-to-day focus may vary depending on the requirements of the overall second line of defense program priorities directed by the Head of Technology Risk and may include: planned or ad-hoc technical risk reviews, technical review of cloud security architectures, review and challenge activities of IT or Business initiatives, Risk reporting, development as well as review and challenge of technical risk framework and methodologies.
Match and compare your resume to any job description
Start Matching