Ciso Risk Officer C13 - Vp - Hybrid

About Citi:
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.
Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We'll enable growth and progress together.
The Info Security Prof Senior Mgr is a senior management level position responsible for accomplishing results through the management of a team or department to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. This global support role will primarily support regulatory and external audit requests for the Citi Chief Information Security Office (CISO).
This role will be required to work with SMEs of Internal and external Audits; collect and share evidences, organize and share audit walkthrough calls; drive compliance of processes, Infrastructure, and applications with Citi Policies; ensure the teams follow the issue management standards and contribute to an Effective Management Control Assessment.
Responsibilities:

• Drive Risk and Controls agenda in terms of disseminating relevant policies and assessing the impact on supported technology platform. This includes performing process reviews, risk/control-identification including respective KRI assignment, controls assurance. Document, enhance and develop processes to improve efficiency and strengthen the control environment.
• Identify and assign key metrics (e.g. KRI/KPIs) to support effective monitoring and management of operational risk including controls assurance and ensure issues identified and corrective actions are raised to address gaps.
• Provide strong oversight of CAP (Corrective Action Plan) remediation activities both for audit and control issues including quality completion of Risk Exception documentation and annual renewals. Support the assigned technology platform re ensuring the remediation of corrective actions relating to both self-identified and audit issues are completed on time and with the appropriate level of quality and adherence to IBAM.
• Support assigned technology platform during internal and external audits. Assist in all interactions with audit including deliverables management, audit fieldwork, business monitoring and meetings.
• Support the risk assessment program within Citi including governance, oversight and reporting of Management Control Assessments (MCA).
• Support Risk and Controls in governance and processes around laws and regulations including Cross-border, Data Privacy and SOX programs.
• Support other Risk & Controls staff including regional and global clients in performing ad hoc control assessment activities upon request.
• Business-partner with relevant operational, embedded, IS and other relevant parties.
• Ensure provided service achieve Customer satisfaction.
• Additional ad hoc risk and compliance work.
• Complete all tasks in connection with the organization's activity but not detailed in the current job description, assigned by the direct manager, supervisor, or the functional head.
• Travel may be required as part of risk and control activities.
• Establish and manage security solutions for a functional area.
• Develop Corrective Action Plans for all IS gaps and monitor discovered issues to completion
• Facilitate the implementation of approved IS tools and identify and propose new or improved security solutions or emerging technologies.
• Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures.
• Identify significant IS threats and vulnerabilities, and define appropriate controls for discovered threats, documenting the business response.
• Communicate and discuss changes to IS regulations and standards with Business and Program owners.
• Manage project deadlines, deliverables, planning, budgeting and policy formulation for the team, including short-term resource planning.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.

Qualifications:

• 6 + years of relevant experience
• Database knowledge preferred
• Additional technical certifications preferred
• Consistently demonstrates clear and concise written and verbal communication
• Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM)
• Proven influencing and relationship management skills
• Proven analytical skills

Education:

• Bachelor's degree/University degree or equivalent experience
• Master's degree preferred

Job Family Group:
Technology
Job Family:
Information Security
Time Type:
Full time
Primary Location:
San Antonio Texas United States
Primary Location Salary Range:
$125,760.00 - $188,640.00
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting