Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our IT team to manage IT & Cyber Risk and improve governance practices.
- Company: Santander Consumer Finance UK provides motor finance across the UK, based in Redhill, Surrey.
- Benefits: Enjoy a competitive salary, 30 days holiday, private medical insurance, and gym passes.
- Why this job: Be part of a dynamic team focused on cyber security and risk management with a commitment to consumer protection.
- Qualifications: Experience in IT risk management, excellent communication skills, and industry-standard qualifications required.
- Other info: This is a hybrid role; at least 3 days a week in the office.
The predicted salary is between 52000 - 58000 £ per year.
Santander Consumer Finance UK (SCUK) is based in Redhill, Surrey and provides motor finance to a network of dealerships throughout the United Kingdom. An exciting opportunity has arisen to join our IT team as a Senior IT Risk & Governance Analyst. This is a key role to support the eCISO, IT Risk & Governance Manager and be a trusted partner and advisor to key stakeholders regarding governance, controls, cyber, information security, and IT risk. Please note this role is a hybrid role with at least 3 days a week in the Redhill office. Remote workers will not be considered.
Responsibilities will include:
- Manage IT & Cyber Risk portfolio and drive continuous improvements and help shape procedures with a focus on improving working practices and reducing risk.
- Partnering with 2LoD to manage expectations and improve on data quality results.
- Managing risk impacts and ensure mitigations are in place and regularly assessed.
- Produce reports for relevant SCUK business stakeholders to have the appropriate visibility of core tasks.
- Deal with or escalate any identified risks in relation to Santander Consumer risk policies and/or legislative and regulatory guidelines in accordance with the Santander UK group risk framework.
- Manage and report KRI information for IT to promote effective monitoring.
- Ensure that KRI are aligned with the requirements of HQ in Spain and that adequate action plans are in place for those that are out of appetite.
- Provide assurance on existing IT Risk and controls in line with internal requirements.
- Ensure that the IT leadership Team (ITLT) have effective standards, policies, processes and procedures suitable for the SCUK business.
- Ensure these are regularly reviewed, approved and stored in a central repository for ease of reference and consumption and that all staff have been appropriately trained in their use.
- Plan and manage the embedding of a capability and maturity culture to drive continuous improvement across the IT department.
- Working with Internal and External audit team to review evidence and track remediation of identified issues.
- Manage logging of risk events, identify patterns of failures or gaps in risk events and ensure there is remediation plan that is tracked to completion.
- Plan and manage local Ethical Phishing campaigns and ensure the results (or both local and Group) campaigns are followed up on, shared and reported to the relevant people in line with SCUK consequence management process.
- Develop and implement any required action plans to address identified issues.
- Design, plan and publish relevant and up to date cyber awareness articles on SCUK local intranet ensuring alignment with SanUK.
- Create an ongoing plan to execute cyber awareness training for all new starters and for those who need a refresher.
- Keep a register of those who have participated and follow-up on those who do not attend.
- Assist the eCISO, IT Risk & Governance Manager in producing the monthly reporting for all the relevant committees and forums.
- Adhering to our commitment to Consumer Duty ensuring we put our Customers’ needs first and set higher and clearer standards of consumer protection.
What we’re looking for:
- Significant practical experience in a similar role with demonstrable experience of developing, implementing, managing, and monitoring, tailor-made controls adapted to the organisation served.
- Proven experience and ability in dealing with staff at all levels of a similar sized organisation or larger.
- Excellent written and verbal communications skills.
- Excellent emotional intelligence, influencing and collaboration skills.
- Excellent presentation skills.
- Ability to feedback on governance, risk, cyber and compliance issues in a structured manner and adapt good practice to meet the needs of the SCUK business.
- Proven experience of confidently delivering Risk & Cyber Security Training to staff.
- Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives.
- Ability to adjust to changing priorities while multitasking effectively.
- Flexible and adaptable; able to work in ambiguous situations.
- Solid work ethic with attention to detail and commitment to results.
- Confident and effective problem solver and decision maker.
- Advanced Microsoft Excel skills to enable the creation and production of regular complex analysis and reporting for key stakeholders.
- Extensive practical knowledge of the implementation and continuous use of the COBIT Maturity Framework.
- Industry standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ISO2700X, ITIL.
We have a range of benefits available which include:
- Competitive salary of £62,000 - £68,000 dependent on experience.
- 30 days holiday per annum, plus bank holidays.
- Annual bonus based on personal and company performance.
- £6000 Car allowance.
- Private Medical Insurance.
- Generous pension contributions.
- Employee assistance programme.
- Sharesave scheme.
- Gym passes at a reduced rate for 3,000 gyms, leisure centres etc.
Inclusion
At Santander we’re creating a thriving workplace where all colleagues feel they belong and are supported to succeed. We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair. At Santander Consumer Finance we have a zero-tolerance approach to discrimination, bullying, harassment (including sexual) or victimisation of any kind.
What are the next steps:
If you are interested in this role and believe you have the skills, experience, and knowledge then we’d love to hear from you. Please go ahead and click apply which will take you through some questions and allow you to submit your CV and covering letter.
SCUK Senior IT Risk & Governance Analyst employer: Santander USA
Contact Detail:
Santander USA Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land SCUK Senior IT Risk & Governance Analyst
✨Tip Number 1
Familiarise yourself with the COBIT Maturity Framework and other relevant IT control frameworks mentioned in the job description. Understanding these frameworks will not only help you during interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the IT risk and governance field, especially those who have experience in similar roles. Engaging with them can provide insights into the company culture at SCUK and may even lead to referrals.
✨Tip Number 3
Prepare to discuss specific examples of how you've managed IT risks and implemented controls in previous roles. Being able to articulate your hands-on experience will set you apart from other candidates.
✨Tip Number 4
Stay updated on the latest trends and challenges in cyber security and IT governance. This knowledge will not only help you answer questions effectively but also show your proactive approach to continuous improvement.
We think you need these skills to ace SCUK Senior IT Risk & Governance Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT risk and governance. Use keywords from the job description, such as 'cyber security', 'risk management', and 'COBIT Maturity Framework' to demonstrate your fit for the role.
Craft a Compelling Cover Letter: In your cover letter, explain why you are passionate about IT risk and governance. Mention specific experiences that align with the responsibilities listed in the job description, such as managing risk portfolios or developing training programmes.
Showcase Communication Skills: Since excellent communication skills are essential for this role, consider including examples of how you've effectively communicated complex information to various stakeholders in your application materials.
Highlight Relevant Qualifications: If you have industry-standard qualifications like COBIT, CRISC, or ISO2700X, make sure to mention these prominently in your CV and cover letter. This will help demonstrate your expertise and commitment to the field.
How to prepare for a job interview at Santander USA
✨Understand the Role and Responsibilities
Make sure you thoroughly read the job description and understand the key responsibilities of the Senior IT Risk & Governance Analyst role. Be prepared to discuss how your experience aligns with managing IT and cyber risk portfolios, as well as your approach to improving working practices.
✨Showcase Your Communication Skills
Given the importance of communication in this role, practice articulating your thoughts clearly and confidently. Prepare examples of how you've effectively communicated complex risk and governance issues to various stakeholders in previous roles.
✨Demonstrate Your Technical Knowledge
Brush up on your knowledge of IT control frameworks like COBIT and ISO2700X. Be ready to discuss how you've implemented these frameworks in past positions and how they can be applied to enhance SCUK's risk management processes.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving abilities and decision-making skills. Think of specific instances where you've successfully managed risks or led initiatives that improved governance and compliance within an organisation.
