Senior Risk Control IT
Santander
full-time
Posted on:
Location Type: Office
Location: CDMX • 🇲🇽 Mexico
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
Cyber SecurityFirewalls
About the role
- Implement the Enterprise Risk Management Framework
- Ensure compliance with regulations, corporate standards, and company policies
- Execute a defined risk and control self-assessment program
- Analyze, evaluate, and provide strategic guidance for programs, policies, and procedures
Requirements
- Bachelor's degree in IT Risk Management, Information Systems, or equivalent field, or equivalent work experience
- More than 3 years of experience in IT technical control testing and IT technical evidence evaluation
- More than 3 years of experience in IT Risk Management, Internal Controls, Auditing, and Information Security
- Previous hands-on experience in cyber risk assessment, cybersecurity evaluation, penetration testing, network devices (firewalls/IDS-IPDS), and IT tools
- Solid knowledge and understanding of risk and control methodologies, including frameworks such as COSO and COBIT
- Experience conducting reviews of medium- to high-complexity IT processes
- Ability to independently develop and document test procedures and/or recommendations for modifying test plans to improve the validation of control objectives
- Extensive experience testing IT controls across multiple domains and evaluating automated and manual controls related to information security or IT infrastructure
- Strong data analysis skills and the ability to independently develop scripts to collect the data necessary for control testing/assessments
- Automation of test procedures whenever possible
- Ability to perform cross-platform testing (applications, databases, operating systems, middleware, monitoring tools, and business processes)
- Independently obtain, review, and interpret evidence to validate the effectiveness of controls and identify vulnerabilities, deficiencies, or failures
- Identify risks associated with control failures and support the identification of mitigating controls
- Ability to accurately document control test results with sufficient detail and minimizing the need for rework
- Ability to work on multiple simultaneous assessments
- Ability to create Excel formulas for data analysis
- Excellent project management skills
- Professional Certification such as CRISC, CISA, CISSP - Preferred.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
IT Risk ManagementInternal ControlsAuditingInformation SecurityCyber Risk AssessmentPenetration TestingData AnalysisTest ProceduresControl TestingExcel Formulas
Soft skills
Strategic GuidanceIndependent DevelopmentDocumentationProject ManagementAnalytical SkillsAttention to DetailMulti-taskingCommunication
Certifications
CRISCCISACISSP