Apply on Employer Site

Santander · 1 day ago

Enterprise IT RCSA Testing Lead

1 Enterprise Drive-Quincy-Corp

Full-time

Onsite

Senior Level, Lead/Staff

$120K/yr - $215K/yr

12+ years exp

Santander is a global leader and innovator in the financial services industry, evolving into a technology-driven organization. The Enterprise IT RCSA Testing Lead is responsible for building and overseeing a comprehensive, risk-based control testing program across Santander US, providing strategic direction and operational oversight for RCSA control testing.

BankingCommercial LendingFinanceFinancial ServicesPersonal Finance

Comp. & Benefits

Responsibilities

Lead the design, development, and execution of the enterprise-wide RCSA control testing program, including testing methodology, sampling approaches, test scripts, documentation standards, and quality assurance

Oversee execution of control design assessments, operating effectiveness testing, and remediation validation across Technology, Operations, Corporate Functions, and Line of Business activities

Identify control deficiencies, assess risk impacts, and present clear, evidence-based findings to business and technology leaders

Produce high-quality reporting and insights for senior management, governance committees, and risk partners, highlighting emerging themes and control environment trends

Partner closely with Second Line of Defense teams and Internal Audit to ensure alignment on testing expectations, issue identification, and remediation standards

Ensure testing practices meet or exceed regulatory requirements and internal policy standards

Build, lead, and develop a high-performing testing organization, fostering a culture of accountability, technical excellence, and continuous improvement

Qualification

Risk ManagementControl TestingInternal AuditCloud TechnologiesCybersecurity PrinciplesData GovernanceAnalytical SkillsPlanningPrioritizationCommunication SkillsLeadership SkillsAttention to Detail

Required

Bachelor's Degree or equivalent work experience: Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Economics or equivalent field

12+ Years Risk Management

12+ Years Previous management experience

Extensive experience in control testing, Internal Audit, RCSA, SOX, operational risk, or technology risk within a regulated financial institution

Strong understanding of control design, evidence evaluation, sampling, and testing documentation standards

Demonstrated expertise in both Technology and Non-Technology control environments

Proven ability to communicate effectively with senior leaders and influence across all levels of the organization

Experience managing teams and driving execution in a fast-paced, highly regulated environment

Strong analytical and critical thinking skills

Excellent written and verbal communication

Ability to lead through influence and build strong partnerships

High attention to detail and commitment to quality

Strong planning, prioritization, and execution skills

Ability to manage complexity and navigate competing priorities

Deep understanding of modern technology environments

Cloud technologies (AWS, Azure, GCP) and shared responsibility models

AI/ML risk management, including model governance, data lineage, bias detection, and monitoring

Cybersecurity principles: access controls, vulnerability management, secure SDLC, threat monitoring

Infrastructure and network controls: segmentation, disaster recovery, change management

Data governance and data quality controls, including privacy, retention, and classification

Third-party and SaaS technology risk, including SOC report evaluation and control testing

Use of automation, GRC platforms, and analytics tools to enhance testing quality and efficiency

Familiarity with major control and technology frameworks, including: NIST Cybersecurity Framework (CSF), NIST 800-53 and 800-17, ISO 27001/27002, CIS Critical Security Controls, SOC 1/SOC 2 Trust Services Criteria, COBIT Framework, FFIEC IT Handbook and guidance