המקום בו המומחים והחברות הטובות ביותר נפגשים
Overview of the Role
The purpose of the Chief Information Security Office (CISO) Policy team is to establish and maintain policies and standards that provide management and operational controls to reduce risk and achieve regulatory compliance. The Policy team helps cybersecurity program owners to align policy requirements with industry frameworks and regulatory expectations and manages the cybersecurity policy document workflow through iterative drafts, working group reviews, and governing body approvals.
Responsibilities:
This role will support the strategy for anchoring our standards in a modern control framework, aligning requirements to Citi’s cybersecurity risk tolerance, and establishing compliance monitoring as well as consequences for noncompliance. Focus areas will be closing gaps in control coverage, defining clear, measurable, and prescriptive requirements, and aligning with Citi’s global technology and risk management policy and standard requirements, as well as Citi’s global policy governance processes. This policy manager will establish and maintain strong connections across the CISO organization and make recommendations to senior leadership regarding policy and control enhancements.
Qualifications:
6-10 years experience in a related technology role and subject matter expert in overall field
BA/BS degree or equivalent work experience
Policy writing expertise, with the ability to present information clearly and concisely to a wide breadth of stakeholders / senior management
Risk management experience, including regulatory assessments, audit interaction, and enterprise control frameworks
Knowledge of industry control frameworks (e.g., CRI Profile, FFIEC CAT, NIST)
Ability to motivate and manage by influence
Excellent written and verbal communication skills
Results-oriented, high-energy, self-motivated
Technical skills (e.g., system and network security, application security) preferred
Investigating policy violations preferred
Relevant certification (e.g., CISA, CISSP, CISM) preferred
Education:
Bachelor’s/University degree or equivalent experience, potentially Masters degree
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Anticipated Posting Close Date:
View the " " poster. View the .
View the .
View the
משרות נוספות שיכולות לעניין אותך