Overview of the Organization:
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.
Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.
Overview of Chief Information Security Office (CISO):
The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.
- CISO Governance, Risk & Control, and Policy is responsible for providing governance, oversight, risk management, and strategic planning for CISO; as well as Third Party Information Security Assessments (TPISA). The team is also responsible for CISO Program and Performance Management including oversight of CISO’s book of work, maintaining a CISO strategy aligned with industry and regulatory requirements, and CISO’s performance management processes to ensure key IS metrics are in place to determine compliance with Citi’s standards. In addition, the team is responsible for the governance and oversight of Risk Management programs across CISO.
- CISO MCA, Regulatory Management, Controls, and Quality Assurance is responsible for Cyber MCA Governance and CISO MCA Transformation, Cyber CoB, TPM Governance, and Records Management, Cyber Quality Assurance services for Third Party Information Security Assessments, Information Security Risk Assessments, Vulnerability and Threat Management programs. Additionally, the team supports Cyber Regulation Management which involves managing new and updated regulations through conducting thorough impact assessments and ensuring closure of action plans.
Overview of the Role:
This role will report to the Cybersecurity MCA Governance Manager, responsible for programs and activities related to Citi’s Transformation for the Manager’s Control Assessment (MCA) and implementation of the future state MCA for CISO organization. This role will be dedicated to transformation efforts and high-quality implementation as well as support execution of MCA business-as-usual (BAU) activities and implementation of a sustainable program that can cater to CISO/Cyber’s needs.
This role will be providing skilled analysis to support high demand Consent Order / Transformation activities with current and projected increased resource demands continuing through 2025-2030 and beyond. This role will support application of the Transformation models that align and integrate Cyber’s objectives across the organization with rapid and significant changes being introduced that will impact the organization’s risk posture.
The is a people management role that will be responsible for managing a team of 6 FTE responsible for developing and managing cybersecurity Global Process Profiles, execution of Manager’s Control Assessment by CISO Global Assessment Units as well as oversight for Cybersecurity key controls.
Responsibilities:
- Provide guidance and support to CISO process owners in all activities related to managing CISO processes and Global Process Profiles (GPMPs)
- Provider oversight for cybersecurity controls, guide CISO organization for control monitoring and testing.
- Manage the planning, coordination, and execution of MCA Transformation program for CISO
- Gain deep knowledge of MCA Standard, Process and tools to support future state MCA.
- Liaise with Technology MCA Team, Central Controls organization and Central Testing Utility in meeting Consent order deliverables and establishing testing strategy for cyber controls.
- Identify and document key controls necessary for mitigation of cybersecurity risk.
- Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
- Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
- Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
- Directly support efforts on creating and implementing Global Process Profiles for CISO processes and support future state MCA governance.
- Support CISO businesses in second and third line reviews and challenges related to MCA.
- Actively manage relationships with engineering, operations, application, and risk management teams to achieve sustained success.
- Educate and train CISO staff at all levels on Manager’s Control Assessment and respective Policies and Standards.
- Manage the team inclusive of responsibilities for 1x1s, staff calls, performance assessments and continuing planning.
Qualifications:
- Experience in Operational Risk Management, Manager’s Control Assessment, Controls Standard, Enterprise Architecture Process governance, Information Security, Cybersecurity, Risk Management, Governance, Risk and Control (GRC)
- Risk Management, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
Critical Competencies:
- Innovate and demonstrate the passion and initiative required to enable growth and progress
- Bring creative approaches to help us drive value for clients
- Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
- Demonstrate clear and concise written and verbal communication
- Proven influencing and relationship management skills
- Strong work ethic, ability to work under pressure, meet challenging deadlines
- Proven analytical skills
- Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
- Familiarity with data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
- Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
------------------------------------------------------
Job Family Group:
Risk Management
------------------------------------------------------
Job Family:
Business Risk & Control
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Primary Location:
Tampa Florida United States
------------------------------------------------------
Primary Location Full Time Salary Range:
$130,880.00 - $196,320.00
In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
------------------------------------------------------
Anticipated Posting Close Date:
Oct 29, 2024
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review
Accessibility at Citi.
View the "
EEO is the Law" poster. View the
EEO is the Law Supplement.
View the
EEO Policy Statement.
View the
Pay Transparency Posting