Overview of the Role:
Overview of the Chief Information Security Office (CISO):
Responsibilities:
- Responsible for supporting and executing Information Security (IS) activities that are relevant to the businesses, applications, and processes.
- Work with the internal Applications Development function to drive the development of strategies and plans for improving both architecture and application security.
- Conduct and facilitate security reviews with other Subject Matter Experts by monitoring changes in the risk profile and exposure for the application.
- Identify new requirements / enhancements to standards, tools, and processes.
- Driving compliance with applicable laws, rules and regulations, adhering to Citi policies and standards.
- Provide recommendations on IS aspects of projects and assess/report Corrective Action Plans to improve IS programs and initiatives.
- Escalate significant risks to the IS Leadership for information or required actions.
- Improve processes, by removing deficiencies and enhancing current tools that reduce an overall risk profile.
- Ensure security practices/standards compliance and reduce security risks through enhancing controls and minimizing weaknesses in Citi’s applications portfolio.
- Ensure non-compliant items are resolved through coordination with Business Manager and business staff.
- Support the Information Security policies, standards, and initiatives development and implementation.
- Increase communication efficiency with cross-sector ISOs to resolve security issues that span multiple businesses.
- Acts as SME to senior stakeholders and /or other team members.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Qualifications:
- 6+ years of relevant experience in Information Security.
- Proficient in interpreting and applying policies, standards and procedures
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills
- Proven analytical skills
Education:
- Bachelor’s degree/University degree or equivalent experience
- Master’s degree preferred
- Certification preferred: CISA, CISSP, CISM, CRISC, GSEC
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
- Work with a variety of businesses and exposed to many different technologies.
- Ability to support emerging technologies and product ideas.
- Act in the capacity of a Subject-Matter-Expert (SME) to support cross-functional initiatives as it relates but not limited to Security Reviews, Risk Evaluation, System Development Lifecycle, Compliance, and Issue Management.
Information SecurityFull timeIrving Texas United States$125,760.00 - $188,640.00
Anticipated Posting Close Date:
Jun 11, 2024View the " " poster. View the .
View the .
View the