Head of Information Security at Aurora shaping security strategy and governance in a software - focused global business. Leading security efforts to ensure resilience and compliance across operations.
About the role
- Hardening Compliance Lead for cybersecurity at Santander. Ensuring compliance with industry standards and security benchmarks across IT and cloud assets.
Responsibilities
- Lead the technical execution and supervision of the Hardening Compliance function, covering both on-premises systems and cloud platforms.
- Oversee the planning, execution, and monitoring of hardening controls and CSPM controls for IT and cloud assets.
- Act as a hands-on contributor, directly performing compliance checks and remediation activities when needed.
- Coordinate with system administrators, delivery teams, auditors, and Risk & Compliance stakeholders to ensure alignment and accountability.
- Investigate anomalies (e.g., drops in compliance scores) to differentiate between false positives and true configuration issues before requesting remediation.
- Ensure controls and processes remain aligned with regulatory requirements, internal policies, and CIS Benchmarks (including cloud benchmarks).
- Lead efforts to optimize and streamline semi-manual processes, with the goal of improving efficiency and scalability.
- Serve as the primary technical point of contact for escalations within the Hardening Compliance and CSPM functions.
Requirements
- Bachelor's Degree or equivalent work experience: Computer Science, Engineering or Information Technology Management, or equivalent field.
- 5+ years of experience in systems administration, IT operations, or information security roles.
- Hands-on involvement in implementing or monitoring security configuration baselines (e.g., CIS Benchmarks).
- Practical experience performing compliance checks, identifying misconfigurations, and coordinating remediation activities.
- 1+ year of direct experience with Cloud Security Posture Management (CSPM) tools and cloud platform hardening.
- Experience interacting with cross-functional teams such as system administrators, software delivery, audit, or compliance.
- Demonstrated track record of ownership and accountability in operational security tasks.
- Proven experience in system administration or IT operations, with a strong understanding of system configuration and security.
- Practical experience with CIS Benchmarks, including hardening of IT assets and cloud platforms.
- Hands-on experience with Cloud Security Posture Management (CSPM) tools such as Sysdig, Wiz, or equivalent.
- Familiarity with compliance and vulnerability management platforms (e.g., Tenable, Qualys).
- Ability to analyze, troubleshoot, and resolve technical and compliance-related issues.
- Strong critical thinking and problem-solving skills, with the ability to handle ambiguity.
- Excellent collaboration and communication skills; able to work effectively across teams and with external stakeholders.
- Strong sense of ownership and accountability. Proactive and resourceful; able to anticipate issues and take initiative.
- Collaborative mindset, with the ability to build trust and drive results across teams.
- Detail-oriented and methodical, ensuring accuracy in compliance assessments.
- Comfortable operating in a fast-paced environment with shifting priorities.
Benefits
- Santander Benefits - 2025 Santander OnGoing/NH eGuide
- Health insurance
- 401(k) matching plans
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Security Engineer specializing in penetration testing and security strategies for fintech. Collaborating with teams to enhance security for AI applications and financial systems.
Principal Cyber Security Engineer for Identity Access Management at MSK managing identity solutions and advanced identity platforms. Partnering with stakeholders to align identity strategy and lead IAM initiatives.
Join The Missing Link as a Security Engineer, leveraging 3 - 4 years of IT Security experience. Lead projects in a collaborative environment with a focus on innovation and impact.
Engineer in Health, Safety and Environment for ArianeGroup focusing on industrial risk management. Involves audits, assessments, and safety training participation.
Senior Product Security Engineer at Red Hat focusing on security and compliance for digital sovereign products while collaborating across global teams and enhancing automation.
Security Engineer safeguarding K - 12 student data in several locations for EduTech startup. Designing secure software systems and ensuring data protection to comply with privacy standards.
Security Engineer focusing on data protection and privacy for Kira Learning's educational technology. Safeguarding K - 12 student data while collaborating with engineering teams on secure software development.
Senior Cybersecurity Engineer responsible for protecting Advansys and its clients' IT infrastructure. Designing, implementing, and managing security solutions, while mentoring junior engineers.
Security Engineer responsible for incident response and security protocol design at Sinch. Joining a global team to safeguard sensitive information and enhance cybersecurity measures.