The role will lead the development of a data-driven vulnerability management and scenario testing capability, aligned to Operational Resilience and regulatory expectations. This is a senior technical leadership role focused on risk analytics, vulnerability intelligence, and scenario modelling, transforming traditional risk practices into a quantitative, evidence-based assurance capability. You will define how vulnerabilities are identified, prioritised, tested, and remediated across complex systems, ensuring full traceability and Board-level visibility. You will operate as a Line 1 risk SME, leading across vulnerability management, scenario testing, and crisis integration, while influencing senior stakeholders and driving enterprise-wide resilience outcomes. We’re shaping the way we work through innovation, cutting‑edge technology, collaboration and the freedom to explore new ideas.
* Designing and implementing a centralised vulnerability management capability, including a single source of truth for vulnerabilities across systems, services, and third parties.
* Developing risk‑based prioritisation models, aligned to impact tolerances (IBS/ITOL) and scenario testing outputs.
* Leading data‑driven vulnerability analysis, linking vulnerabilities to service architecture, dependencies, and resilience outcomes.
* Establishing robust remediation tracking, validation, and control effectiveness testing frameworks.
* Designing and delivering advanced scenario testing capability, including severe but plausible scenarios and quantitative impact modelling.
* Integrating incident data, threat intelligence, and vulnerability insights into testing and risk assessment frameworks.
* Producing Board‑level MI and reporting, demonstrating exposure trends, resilience uplift, and control effectiveness.
* Acting as a senior risk SME, leading governance forums, influencing stakeholders, and driving compliance with regulatory and internal risk frameworks.
WHAT YOU’LL BRING
* Wellbeing that goes beyond work – we work with a range of wellbeing partners across our 4 pillars of wellbeing (physical, mental, social and financial) to give you access to a suite of apps, discounted gym and fitness access, weekly online classes, flexible healthcare and mental health support.
* Support for every life stage – from menopause and pregnancy to parenthood and beyond, with enhanced family leave, childcare options and tailored wellbeing support.
* Time to give back through volunteering opportunities that let you make a difference in the communities we serve.
* Global growth opportunities to shape your career, learn new skills and explore what's possible across our international network.
At Santander, we proudly provide equal opportunities for everyone – regardless of age, gender, disability, civil status, race, religion or sexual orientation – and we are committed to creating a recruitment experience that is accessible, fair and welcoming for all candidates.
Experience
* Extensive experience in operational risk, vulnerability management, or resilience within financial services.
* Proven experience designing and implementing risk frameworks, vulnerability management, or scenario testing capabilities.
* Experience applying data‑driven approaches to risk identification, prioritisation, and remediation.
* Experience leading complex cross‑functional initiatives across technology, cyber, and business teams.
Education
* Undergraduate degree in Risk, Cybersecurity, Technology, Data, or related field (Preferred).
Professional Certifications
* Professional certifications in Risk Management, Cybersecurity, or Operational Resilience (Preferred).
Languages
* English (Required).
Hard Skills
* Strong expertise in vulnerability management frameworks, tools, and methodologies (Required).
* Experience with risk modelling, scenario analysis, and quantitative impact assessment (Required).
* Understanding of technology architecture, data flows, and system dependencies (Required).
* Knowledge of operational resilience frameworks (IBS, ITOL) and regulatory expectations (FCA/PRA, BCBS) (Required).
* Experience integrating threat intelligence, incident data, and vulnerability data into analytics frameworks (Required).
* Strong understanding of risk governance, control frameworks (e.g. COSO, SOX), and compliance requirements (Required).
Soft Skills
* Strong strategic thinking and decision‑making capability (Required).
* Ability to translate complex risk and technical data into executive insights (Required).
* Excellent stakeholder management and influencing skills at senior level (Required).
* Strong leadership capability with experience building and developing high‑performing teams (Required).
* Ability to challenge constructively and drive a proactive risk culture (Required).
Benefits
* Salary Range: £76,385.00 – £114,577.00 per annum (depending on experience).
* 30 days’ holiday plus bank holidays, increasing to 31 days after 5 years of service, with the option to purchase up to 5 contractual days per year.
* £6,000 car allowance per year.
* Company‑funded individual private medical insurance.
* Protection for you and your family, with company‑funded death‑in‑service benefit and income protection insurance, and the option to take advantage of discounted rates for additional life assurance and critical illness cover.
* Share in Santander’s success by saving or investing in our share plans.
* As a Santander UK employee, you are able to request staff versions of our products (e.g., Edge Current Accounts and Credit Cards) without fees, and apply for many other deals and discounts in Santander products and services.