Santander Consumer Finance UK (SCUK) is based in Redhill, Surrey and provides motor finance to a network of dealerships throughout the United Kingdom.
An exciting opportunity has arisen to join our IT team as a Senior IT Risk & Governance Analyst. This is a key role to support the eCISO, IT Risk & Governance Manager and be a trusted partner and advisor to key stakeholders regarding governance, controls, cyber, information security, and IT risk.
Please note this role is a hybrid role with at least 3 days a week in the Redhill office. Remote workers will not be considered.
Responsibilities will include:
Manage IT & Cyber Risk portfolio and drive continuous improvements and help shape procedures with a focus on improving working practices and reducing risk
Partnering with 2LoD to manage expectations and improve on data quality results
Managing risk impacts and ensure mitigations are in place and regularly assessed
Produce reports for relevant SCUK business stakeholders to have the appropriate visibility of core tasks
Deal with or escalate any identified risks in relation to Santander Consumer risk policies and/or legislative and regulatory guidelines in accordance with the Santander UK group risk framework
Manage and report KRI information for IT to promote effective monitoring
Ensure that KRI are aligned with the requirements of HQ in Spain and that adequate action plans are in place for those that are out of appetite
Provide assurance on existing IT Risk and controls in line with internal requirements
Ensure that the IT leadership Team (ITLT) have effective standards, policies, processes and procedures suitable for the SCUK business. Ensure these are regularly reviewed, approved and stored in a central repository for ease of reference and consumption and that all staff have been appropriately trained in their use
Plan and manage the embedding of a capability and maturity culture to drive continuous improvement across the IT department
Working with Internal and External audit team to review evidence and track remediation of identified issues
Manage logging of risk events, identify patterns of failures or gaps in risk events and ensure there is remediation plan that is tracked to completion
Plan and manage local Ethical Phishing campaigns and ensure the results (or both local and Group) campaigns are followed up on, shared and reported to the relevant people in line with SCUK consequence management process. Develop and implement any required action plans to address identified issues
Design, plan and publish relevant and up to date cyber awareness articles on SCUK local intranet ensuring alignment with SanUK
Create an ongoing plan to execute cyber awareness training for all new starters and for those who need a refresher. Keep a register of those who have participated and follow-up on those who do not attend
Assist the eCISO, IT Risk & Governance Manager in producing the monthly reporting for all the relevant committees and forums
Adhering to our commitment to Consumer Duty ensuring we put our Customers’ needs first and set higher and clearer standards of consumer protection
What we’re looking for:
Significant practical experience in a similar role with demonstrable experience of developing, implementing, managing, and monitoring, tailor-made controls adapted to the organisation served
Proven experience and ability in dealing with staff at all levels of a similar sized organisation or larger
Excellent written and verbal communications skills
Excellent emotional intelligence, influencing and collaboration skills
Excellent presentation skills
Ability to feedback on governance, risk, cyber and compliance issues in a structured manner and adapt good practice to meet the needs of the SCUK business
Proven experience of confidently delivering Risk & Cyber Security Training to staff
Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives
Ability to adjust to changing priorities while multitasking effectively
Flexible and adaptable; able to work in ambiguous situations
Solid work ethic with attention to detail and commitment to results
Confident and effective problem solver and decision maker
Advanced Microsoft Excel skills to enable the creation and production of regular complex analysis and reporting for key stakeholders
Extensive practical knowledge of the implementation and continuous use of the COBIT Maturity Framework
Industry standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ISO2700X, ITIL
We have a range of benefits available which include:
Competitive salary of £62,000 - £68,000 dependent on experience
30 days holiday per annum, plus bank holidays
Annual bonus based on personal and company performance
£6000 Car allowance
Private Medical Insurance
Generous pension contributions
Employee assistance programme
Sharesave scheme
Gym passes at a reduced rate for 3,000 gyms, leisure centres etc
Inclusion
At Santander we’re creating a thriving workplace where all colleagues feel they belong and are supported to succeed. We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair.
At Santander Consumer Finance we have a zero-tolerance approach to discrimination, bullying, harassment (including sexual) or victimisation of any kind.
What are the next steps:
If you are interested in this role and believe you have the skills, experience, and knowledge then we’d love to hear from you. Please go ahead and click apply which will take you through some questions and allow you to submit your CV and covering letter.