This position will be reporting to the Director of Security Architecture and Solutions.

THIS ROLE WILL BE IN ENGLISH, THERE ARE NOT SPANISH SPEAKERS IN THE TEAM.

The role is responsible for designing and developing comprehensive security architectures, strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls in bank's technology. The role¿s specific focus includes mitigating and managing cyber security threats to the cloud, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity.

Cyber Security (Architecture, Development):

• Assess architectural patterns for service account authentication, Privileged Access Management, DevSecOps pipeline, security logging and monitoring, audit logging, and compliance guidance and monitoring.
• Responsible for protecting the Bank, customers, and employees by mitigating and identifying technology threats to Santander.
• Provide expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system in the cloud while leveraging Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS) in a manner that adheres to Santander information security policy and standards.
• Review and approve target state deployment topology, High-Level Architecture and network interactions for the Public Cloud Workloads
• Share cloud technology expertise with application architects and provide consultative support to application teams including assessment of connectivity requirements, VNet/VPC, and subnet design and recommendations.
• ENGLISH IS A MUST.

?

Education and experience:

• Designed application authentication and authorization solutions including Single-Sign-On, Multi-Factor Authentication, OAuth, OpenID Connect, SIEM, CSPM, Key Management Systems and related technologies for workloads moving to the cloud.
• Experience with Scrum, Kanban and SAFe Agile practices and strong aptitude to work in a DevOps culture and environment.
• Full-stack development experience building application software, test automation, and infrastructure as code
• Familiar with cloud automation frameworks (Terraform, Ansible) and cloud provided automation tools (Azure Resource Manager Templates).
• Hands-on work experience working with SOAP and REST APIs, microservices design
• Experience in private network connectivity using Express Routes, Direct Connect, etc.
• Familiarity with load balancing technologies - ILB (Internal Load Balancers), Application Gateway, WAF (Web App Firewall), F5 appliance solutions, etc.
• Familiarity with network security principles (Network Security Groups, Application Security Groups), Private Link Services, Service Endpoint, Service Tags, etc.
• Familiarity with OWASP and integrations with static code analysis and dynamic code analysis tools.

Cloud Computing:

• Thorough understanding and experience with AZURE & AWS native controls
• Good knowledge / hands-on experience in the following in AZURE & AWS
• Network Security Groups and Micro-segmentation concepts
• UDR and Load balancers
• VPN Gateways and ExpressRoute connection
• Firewalls
• Service tags and service endpoints
• NAT and PAT concepts
• Automation frameworks (Terraform, Ansible) and automation scripts to support the cloud environment tools
• Security Events and Incident Management (SEIM)