Sr. FLoD Technology/Privacy Compliance Risk Officer

The Sr. FLoD Technology/Privacy Compliance Risk Officer represents the First Line of Defense (FLoD) is responsible for monitoring, assessing, and enforcing compliance with technology-related regulations, policies, and industry standards within the financial institution. This role ensures that all technology operations and digital processes meet regulatory requirements, minimize risk, and protect the institution’s data, assets, and client information.

The Sr. FLoD Technology/Privacy Compliance Risk Officer will perform key risk management role by assisting the Director of FLoD Technology and Operations Compliance in providing regulatory and compliance advisory support to FLoD.  

Essential Functions:

• Serve as a liaison between Compliance, IT, and Business Units, providing guidance on technology-related compliance issues.
• Support project teams on technology risk management during new system implementations or technology changes.
• Monitor, interpret, and implement relevant laws, regulations, and guidelines (e.g., GDPR, CCPA, GLBA, NYDFS 23 NYCRR 500) as they relate to technology and cybersecurity.
• Advise senior management and stakeholders on regulatory changes and compliance requirements affecting technology use and data management.
• Provide regulatory guidance and support on business procedures to ensure compliance with relevant technology regulations and align with industry standards (e.g., NIST, ISO 27001) and best practices for data privacy and cybersecurity.
• Support Risk and Control Self-Assessment (RCSA) risk assessments and identify gaps in the technology and data management processes that may lead to regulatory or compliance risks.
• Collaborate with IT and security teams to implement controls and risk mitigation measures in line with regulatory requirements.
• Ensure ongoing monitoring and reporting of compliance risks associated with technology systems and infrastructure.
•  Work closely with Compliance Privacy Officers(s) to implement and oversee data privacy policies and ensure compliance with data protection regulations.
• Monitor data access controls, encryption, and data management protocols to protect sensitive information.
• Prepare and present reports to regulatory bodies and senior management regarding compliance status and audit findings.
• Implement corrective actions for audit findings and monitor their progress.
• Promote a culture of compliance by raising awareness of technology and data protection requirements across the organization.
• Work with incident response teams to investigate technology-related compliance breaches or security incidents.
• Provide recommendations and coordinate remediation actions to resolve incidents and prevent recurrence.

Qualifications:

• Education and Experience
  • Education: Bachelor’s degree in Finance, Information Technology, Business, or a related field. A Master’s degree or relevant certification (e.g., CISA, CISM, CISSP, CRISC) is a plus
  • Experience: 5+ years of experience in technology compliance, IT risk management, or a related field within the financial services industry.

• Skills & Abilities
  • Strong knowledge of regulatory frameworks (e.g., SOX, GDPR, FFIEC, FINRA, OCC) and industry standards for data security and privacy.
  • Proficiency in risk assessment methodologies and compliance auditing techniques.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work collaboratively across departments and communicate complex compliance requirements effectively.

Diversity & EEO Statements: At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.

Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions: Frequent Minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.

Employer Rights: Employer Rights: This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.

Primary Location: Dorchester, MA, Dorchester

Other Locations: Massachusetts-Dorchester,Massachusetts-Quincy,Texas-Dallas

Organization: Santander Holdings USA, Inc.