Director, Cybersecurity Incident Response

Join to apply for the Director, Cybersecurity Incident Response role at Santander Bank, N.A.

2 weeks ago Be among the first 25 applicants

Join to apply for the Director, Cybersecurity Incident Response role at Santander Bank, N.A.

Get AI-powered advice on this job and more exclusive features.

Your Journey Starts Here

Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth. We are committed to creating an environment where continuous learning and development are prioritized, enabling you to thrive both professionally and personally. Here, you will find ample opportunities to connect and collaborate with talented colleagues from around the world, sharing insights and driving innovation together. Join us at Santander, where you are supported by a culture of engagement and a commitment to your success.

Country: United States of America

Your Journey Starts Here

Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth. We are committed to creating an environment where continuous learning and development are prioritized, enabling you to thrive both professionally and personally. Here, you will find ample opportunities to connect and collaborate with talented colleagues from around the world, sharing insights and driving innovation together. Join us at Santander, where you are supported by a culture of engagement and a commitment to your success.

An exciting journey awaits, if you are interested in exploring the possibilities We Want to Talk to You!

The Difference You Make

The Director, Information Security actively works with the lines of business to ensure that technology development and production are performed in accordance with organizations standards and applicable laws. The incumbent reports to the Director, Information Security, and works to establish and maintain the Information Security policy for the Corporation and ensures compliance to Santander Corporate Policy.

• Investigates security incidents and maintain Security Awareness program for the Corporation including articles, privacy training and Info Security.
• Provides consultation to ISBAN, an affiliated software development company to ensure software developed meets the requirements of security policy.
• Works with Santander Privacy Officer to fulfill the information technology requirements of the GLB Act and various state privacy laws.
• Partners with examiners and auditors on technology examinations gathering information and responding to findings.
• Partners with Santander Legal Department and affiliate company, Aquanima, to ensure appropriate security clauses are included in all technology contracts.
• Partners with Santander third party providers including Produban, an affiliated technology processing company, to ensure adequate security controls are implemented, monitored and reported to the Company.
• Manages the Incident Response processes and personnel.
• Coordinates response, triage and recovery activities for Information Security events impacting the Company’s information technology assets.
• Responds to and manages security events. Engages in security investigations and use tools to identify and report the outcomes of incidents to senior management.
• Performs real-time security incident handling and tracking (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation) tasks to support Incident Response Team.
• Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
  
  

What You Bring

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Bachelor's Degree or equivalent work experience: Computer Science, Engineering or Information Technology Management, or equivalent field.

Master's Degree Computer Science, Engineering or Information Technology Management, or equivalent field.

9+ Years Experience in information security, governance, IT audit, or risk management.

9+ Years Experience in a technical security engineering or operations role, including network security, operating system security, Internet or Web security, Data Loss Prevention (DLP), anti-malware, IDS/IPS, and penetration and vulnerability testing.

• Develop and administer Cybersecurity Incident Response processes and review their application to ensure that Incident Response controls, policies, and procedures are operating effectively
• Provide oversight for the identification, investigation, and response of cybersecurity events or incidents of apparent security breaches
• Produce and review aggregated performance metrics
• Manage, supervise, and increase the effectiveness and efficiency of the Cybersecurity Incident Response program through improvements to each function as well as coordination and communication between support and business functions
• Play a significant role in long-term Cybersecurity Incident Response strategy and planning including initiatives geared toward operational excellence
• Train, develop, motivate, set goals, and provide on-going feedback to direct reports
• Support Head of Cybersecurity Operations with Internal Audit & Federal regulatory compliance
• Experience managing cyber incident response, triage, and recovery efforts for Information Security incidents affecting IT assets
• Experience performing real-time security incident management and tracking (e.g., forensic collections, intrusion correlation/tracking, threat analysis, direct system remediation) to support the Incident Response Team
• Experience communicating cybersecurity incidents to senior management
• Experience conducting cybersecurity forensic analysis from custody, data acquisition, analysis, and reporting
• Hands-on experience with key security tooling including Splunk or IBM Resilient or other incident tracking system of record, and forensic analysis tools such as encase
• Experience with federal regulatory agency cybersecurity exams and internal audits
  
  

Certifications

• CISM: Certified Information Security Manager
• CISSP: Certified Information Systems Security Professional
  
  

It Would Be Nice For You To Have

Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education.

Risk Culture

We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

EEO Statement

At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions

Frequent minimal physical effort such as sitting, standing and walking is required for this role. Depending on location, occasional moving and lifting light equipment and/or furniture may be required.

Employer Rights

This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate your employment at any time for any reason.

What To Do Next

Review the internal eligibility guidelines here. If this sounds like a role you are interested in, then please apply.

We are committed to providing an inclusive and accessible application process for all candidates. If you require any assistance or accommodation due to a disability or any other reason, please contact us at TAOps@santander.us to discuss your needs.

Benefits

Santander Benefits - 2025 Santander OnGoing/NH eGuide (foleon.com)

Primary Location: Quincy, MA, 1 Enterprise Drive-Quincy-Corp

Other Locations: Massachusetts-Quincy,Texas-Dallas,Florida-Coconut Grove

Organization: Santander Holdings USA, Inc.

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Salary: $127,500 - $225,000/year

AN EQUAL OPPORTUNITY EMPLOYER M/F/Vet/Disabled/SO

• Seniority level
  Director

• Employment type
  Full-time

• Job function
  Information Technology
• Industries
  Banking

Referrals increase your chances of interviewing at Santander Bank, N.A. by 2x

Boston, MA $180,000.00-$220,000.00 2 hours ago

Woburn, MA $140,000.00-$200,000.00 7 months ago

Newton, MA $258,000.00-$323,000.00 13 hours ago

Quincy, MA $170,000.00-$282,500.00 6 days ago

Boston, MA $157,500.00-$320,000.00 1 hour ago

Boston, MA $157,500.00-$320,000.00 5 days ago

Boston, MA $153,000.00-$252,900.00 1 hour ago

Boston, MA $153,000.00-$252,900.00 1 hour ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.