Head of Enterprise RCSA Testing

Head Of Enterprise RCSA Testing

Country:
United States of America

Your Journey Starts Here:
Santander is a global leader and innovator in the financial services industry. We believe that our employees are our greatest asset. Our focus is on fostering an enriching journey that empowers you to explore diverse career opportunities while nurturing your personal growth. We are committed to creating an environment where continuous learning and development are prioritized, enabling you to thrive both professionally and personally.

Here, you will find ample opportunities to connect and collaborate with talented colleagues from around the world, sharing insights and driving innovation together. Join us at Santander, where you are supported by a culture of engagement and a commitment to your success. An exciting journey awaits, if you are interested in exploring the possibilities.

The Head of Enterprise RCSA Testing is a critical leadership role within the First Line of Defense, responsible for building and overseeing a comprehensive, risk-based control testing program across Santander US. This role provides strategic direction and operational oversight for RCSA control testing across both Technology and Non-Technology business lines, ensuring alignment with Santander's Enterprise Risk Management Framework, internal standards, and regulatory expectations.

The successful candidate will bring deep expertise in control testing, strong partnership skills, and the ability to drive high-quality, consistent execution across a complex organization.

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Bachelor's Degree or equivalent work experience:
Accounting, Business, Statistics, Risk Management, Information Systems, Finance, Economics or equivalent field. Required.

12+ Years Risk Management. Required.

12+ Years Previous management experience. Required.

Extensive experience in control testing, Internal Audit, RCSA, SOX, operational risk, or technology risk within a regulated financial institution.

Strong understanding of control design, evidence evaluation, sampling, and testing documentation standards.

Demonstrated expertise in both Technology and Non-Technology control environments.

Proven ability to communicate effectively with senior leaders and influence across all levels of the organization.

Experience managing teams and driving execution in a fast-paced, highly regulated environment.

Strong analytical and critical thinking skills.

Excellent written and verbal communication.

Ability to lead through influence and build strong partnerships.

High attention to detail and commitment to quality.

Strong planning, prioritization, and execution skills.

Ability to manage complexity and navigate competing priorities.

Deep understanding of modern technology environments.

Cloud technologies (AWS, Azure, GCP) and shared responsibility models.

AI/ML risk management, including model governance, data lineage, bias detection, and monitoring.

Cybersecurity principles: access controls, vulnerability management, secure SDLC, threat monitoring.

Infrastructure and network controls: segmentation, disaster recovery, change management.

Data governance and data quality controls, including privacy, retention, and classification.

Third-party and SaaS technology risk, including SOC report evaluation and control testing.

Use of automation, GRC platforms, and analytics tools to enhance testing quality and efficiency.

Familiarity with major control and technology frameworks, including: NIST Cybersecurity Framework (CSF), NIST 800-53 and 800-17, ISO 27001/27002, CIS Critical Security Controls, SOC 1/SOC 2 Trust Services Criteria, COBIT Framework, FFIEC IT Handbook and guidance.

Certifications:

Other:
Risk Certification - Preferred.

Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education. Experience in Microsoft Office products.

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Base Pay Range Minimum: $ USD Maximum: $ USD

We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for…