Citi Group Cyber Risk Senior Analyst 

Poland, Masovian Voivodeship, Warsaw 

398573118

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides the specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscience of the bank. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.

The Role

You as isSenior Analystpart of the Markets Tech Risk & Compliance function and is a strategic professional who closely follows latest technology and cybersecurity trends in the field and adapts them for application within the bank. The role will leverage technology and cyber subject matter expertise, business experience, data analysis techniques, current events, and industry trends and best practices to inform the prioritization of risks and the second-line’s approach for associated challenge and influence activities.

What You Will Do

• Review compliance and technology and cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and cyber]risks
• Assesses technology and cyber risks and evaluates actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices
• Monitor, evaluate, and challenge of Key Risks and associated Key Risk Indicators triggers and thresholds
• Reviews potential risks associated with program/project delivery on a technical level
• Supports independent assurance activities to assess areas of concern including substantive and controls testing
• Participates in various second line of defence technology and cyber assessments including risk assessments, control assessments, maturity assessments etc.
• Supports the challenge of the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the technology and cyber riskappetite
• Ad-hoc activities for the TCCORO organization, including but not limited to: researching and drafting materials for presentations of deep dives into selected topics, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting
• Assesses technology and cyber risks associated with new initiatives and programs being proposed for implementation

What We Will Need From You

• Proven track record working with cyber risk assessments, metrics, enterprise technology services, risks, and controls within global complex, dispersed, and diverse organizations
• Understanding of technology and cyber] risks and controls across various information system architecture and engineering domains including data protection, identity and access management
• You will also possess good working knowledge of vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management
• Knowledge and understanding of industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of technology and cyber risk mitigation strategies
• Excellent written and verbal communication skills
• Must be a self-starter, flexible, innovative, and adaptive
• Strong interpersonal skills with the ability to work collaboratively on a global scale
• Excellent project management skills; able to manage multiple projects at any one time
• Proficient in MS Office applications
• Relevant certifications in CISM, CRISC, CISSP, CISA, or PMP desirable
• Exposure to capital markets (e.g., sales & trading) preferred
• Bachelor’s / Universitydegree or equivalent experience

What’s On Offer

By joining Citi Solutions Center Poland, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed) and enjoy a whole host of additional benefits such as:

• Private Medical Care Program
• Life Insurance Program
• Pension Plan contribution (PPE Program)
• Employee Assistance Program
• Paid Parental Leave Program (maternity and paternity leave)
• Sports Card
• Holidays Allowance
• Sport and team recreation activities
• Special offers and discounts for employees
• Access to an array of learning and development resources
• A discretional annual performance related bonus
• A chance to make a difference with various affinity networks and charity initiatives

Time Type:

View the " " poster. View the .

View the .

View the