The Info Sec Prof Lead Analyst is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.Responsibilities:
- Develop corrective action language for Information Security (IS) gaps and ensure risk closure meets Citi requirements or industry best practices
- Facilitate the implementation of approved IS tools and identify/recommend new or improved security solutions or emerging technologies
- Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop security solutions
- Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures
- Identify significant IS threats and vulnerabilities, and define appropriate controls for discovered threats, documenting the business response
- Disseminate changes to IS regulations and standards to Business and Program owners
- Provide Information Security advice and counsel as needed
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Qualifications:
- 11+ years of relevant experience
- Additional technical certifications are preferred
- Demonstrated ability to research and apply current information regarding the IS field
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills
- Proven analytical skills
Education:
- Bachelor’s degree/University degree or equivalent experience
- Master’s degree preferred
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
External certification ISO 27k/PCI review & acceptance procedure
Information Security
Time Type:
Full timeView the " " poster. View the .
View the .
View the