Associate, Information Security
Company: Santander Holdings USA Inc
Location: Dallas
Posted on: October 27, 2024
Job Description:
Associate, Information SecurityDallas, United States of
AmericaDevelops, manages, and operates security services that
assess, prioritize, and mitigate information security and
technology risk. This includes conducting regular security
assessments and vulnerability scans using tools such as AWS
GuardDuty, AWS Inspector, and AWS Config. Analyzes and interprets
security issues identified by these tools, providing detailed and
actionable recommendations for remediation. Performs comprehensive
application security assessments and code reviews to identify and
mitigate potential vulnerabilities. Ensures compliance with
industry standards and frameworks, including CIS benchmarks for
AWS. Develops, maintains, and enforces security policies,
procedures, and documentation to support compliance efforts.
Conducts thorough audits and assessments to ensure ongoing
adherence to security policies and standards. Implements and
manages advanced security monitoring solutions using Splunk and
SysDig. Monitors security alerts and incidents, coordinating
response efforts to effectively mitigate risks. Conducts in-depth
root cause analysis of security incidents and implements robust
measures to prevent recurrence. Collaborates closely with
development and operations teams to integrate security best
practices into the software development lifecycle (SDLC). Stays
abreast of the latest security trends, threats, and technologies.
Continuously improves security processes and controls to enhance
the overall security posture of the organization.Essential
Functions/Responsibility Statements:
- Conducts regular security assessments and vulnerability scans
using tools such as AWS GuardDuty, AWS Inspector, and AWS
Config.
- Analyzes and interprets security issues identified by these
tools, providing detailed and actionable recommendations for
remediation.
- Performs comprehensive application security assessments and
code reviews to identify and mitigate potential
vulnerabilities.
- Ensures compliance with industry standards and frameworks,
including CIS benchmarks for AWS.
- Develops, maintains, and enforces security policies,
procedures, and documentation to support compliance efforts.
- Conducts thorough audits and assessments to ensure ongoing
adherence to security policies and standards.
- Implements and manages advanced security monitoring solutions
using Splunk and SysDig.
- Monitors security alerts and incidents, coordinating response
efforts to effectively mitigate risks.
- Conducts in-depth root cause analysis of security incidents and
implements robust measures to prevent recurrence.
- Collaborates closely with development and operations teams to
integrate security best practices into the software development
lifecycle (SDLC).
- Stays abreast of the latest security trends, threats, and
technologies.
- Continuously improves security processes and controls to
enhance the overall security posture of the
organization.Qualifications: To perform this job successfully, an
individual must be able to perform each essential duty
satisfactorily. The requirements listed below are representative of
the knowledge, skill, and/or ability required. Reasonable
accommodations may be made to enable individuals with disabilities
to perform the essential functions.Education: Bachelor's Degree or
equivalent work experienceWork Experience: 5-9 years; Experience in
Information security, Cloud governance, IT audit, or risk
management.Skills and Abilities:
- Proficiency in AWS security tools such as AWS GuardDuty, AWS
Inspector, and AWS Config.
- Experience with security monitoring tools like Splunk and
SysDig.
- Strong understanding of CIS benchmarks for AWS and other
relevant compliance frameworks.
- In-depth knowledge of application security principles and best
practices.
- Ability to analyze and mitigate security issues identified by
various security tools.
- Excellent analytical and problem-solving skills to identify and
address security vulnerabilities.
- Ability to conduct thorough risk assessments and develop
effective mitigation strategies.
- Strong communication and collaboration skills to work
effectively with development, operations, and compliance
teams.
- Ability to provide training and guidance on security and
compliance best practices.
- High attention to detail to ensure thorough analysis and
accurate documentation.
- Proactive approach to identifying and addressing security risks
before they become critical issues.
- Commitment to staying up-to-date with the latest security
trends, threats, and technologies.Diversity & EEO Statements: At
Santander, we value and respect differences in our workforce and
strive to increase the diversity of our teams. We actively
encourage everyone to apply.Santander is an equal opportunity
employer. All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, genetics,
disability, age, veteran status, or any other characteristic
protected by law.Working Conditions: Frequent Minimal physical
effort such as sitting, standing and walking. Occasional moving and
lifting equipment and furniture is required to support onsite and
offsite meeting setup and teardown. Physically capable of lifting
to fifty pounds, able to bend, kneel, climb ladders.Employer
Rights: This job description does not list all the job duties of
the job. You may be asked by your supervisors or managers to
perform other duties. You may be evaluated in part based upon your
performance of the tasks listed in this job description. The
employer has the right to revise this job description at any time.
This job description is not a contract for employment and either
you or the employer may terminate at any time for any reason.
Primary Location: -Dallas, TX, Dallas
Other Locations: -Texas-Dallas
Organization: -Santander Holdings USA, Inc.
Keywords: Santander Holdings USA Inc, Euless , Associate, Information Security, Other , Dallas, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...