Citi Group SVP Tech & Cyber Risk - Regulatory Governance 

United States, New York, New York 

581215052

Responsibilities:

• Oversee the application of technology and/or cyber risk policies, tools, technology and governance processes, creating sustainable solutions for minimizing losses resulting from failed internal processes, inadequate controls, and emerging risks.
• Monitor business adherence to Citi’s technology and/or cyber risk policies, standards and procedures.
• Design and oversee the implementation of robust control measures to mitigate identified technology and/or cyber risks.
• Review and challenge the effectiveness of risk mitigation strategies, tools and methodologies used for threat intelligence and threat analysis implemented by the 1st line of defense.
• Build and maintain effective relationships with Business partners, establishing credibility by understanding the business, their needs, strategic priorities, and challenges.
• Provide strategic technology and/or cyber risk advisory and support to the business and other stakeholders. Guide them in making informed decisions that consider the potential impacts and risks of technology and/or cyber threats.
• Partner with key stakeholders to drive technology and/or cyber risk management strategy in alignment with organizational objectives and risk appetite.
• Foster a culture of technology and/or cyber risk awareness and accountability in the organization, ensuring that employees understand their roles and responsibilities in mitigating risk exposure.
• Partner with Sr. management on the reporting and presentation of technology and/or cyber risk incidents, trends, and key developments to the board, regulators, and other key stakeholders, as applicable.
• Support internal and external audits and regulatory examinations, as applicable.
• Report and escalate significant risk issues and breaches to executive management.
• Is an enthusiastic and early adopter of change; takes ownership for helping others see a better future and stay positive during uncertainty.
• Demonstrates and inspires curiosity in seeking new ways to overcome challenges; actively applies learning from failures.
• Challenges self and others to seek out and communicate alternative views even when unpopular; welcomes diverse ideas to improve outcomes.
• Acts as a catalyst for change by identifying and helping others see where new ideas could benefit the organization.
• Proactively seeks to understand and act in alignment with organizational decisions; helps others prioritize team and enterprise success over their own personal agenda.
• Focuses on highest-priority work aligned to business goals; helps others effectively manage competing priorities.
• Proactively identifies opportunities to streamline work; creates process improvements that enhance efficiency for self and the team.
• Takes personal accountability for escalating, identifying, and managing potential risk; implements controls that enhance the client experience and operational effectiveness.
• Anticipates problems and proactively identifies solutions that address the root causes and result in meaningful improvements.
• Sets high expectations and invests the necessary effort to deliver excellence and exceed performance goals.
• Role-models and helps others to do the right thing for clients and Citi in all situations, even when difficult.
• Engages key stakeholders early and often and actively looks for opportunities to improve collaboration in achieving common goals.
• Proactively seeks out opportunities to volunteer in Citi programs that support the community; advocates for solutions that meet the needs of Citi’s clients and the community.
• Enthusiastically promotes the unique needs and preferences of colleagues; makes active commitment to help colleagues achieve balance, well-being, and development.
• Leverages varied networks to recruit diverse talent; advocates for colleagues with diverse skillsets, styles, and experiences to gain career opportunities.
• Empathetically listens and understands others’ positions before acting on issues; works to amplify voices that are minimized in the workplace.

Qualifications:

• Deep understanding of various technology risk and/or cyber principles, strategies, and technologies, including proficiency in areas such as data protection, network security, threat analysis, identity and access management, incident response, and security architecture.
• Proficiency in operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices.
• Demonstrated leadership in coordinating with business units and senior management to address technology risk and/or cyber risk issues and implement solutions.
• Experience handling security incidents, including detection, response, mitigation, and post-incident analysis is crucial.
• Demonstrated track record of effectively assessing and managing competing priorities.
• Experience interacting with Regulators and Internal Audit.
• Previous experience collaborating on complex firm-wide projects or processes.
• Experience working in a regulated industry (e.g., banking, finance, insurance, healthcare).
• Professional certifications in either technology risk or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI.
• Effective leadership ability to credibly challenge and influence stakeholders.
• Comfortable in dynamic environments, capable of adapting to change while maintaining focus on risk management objectives.
• Ability to think strategically and align technology and/or cyber risk and broader operational risk management with organizational goals and regulatory obligations.
• Excellent communication skills, with the ability to interact effectively at all levels, develop strong partnerships across the organization, and present complex information clearly to senior management and stakeholders.
• Compelling leadership qualities with ability to credibly challenge the 1st line and influence stakeholders.
• Effective stakeholder management skills, with the ability to understand drivers and overcome barriers.
• Dynamic negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
• Robust analytical problem-solving abilities and a high level of integrity to deal with highly confidential data.

Education:

Bachelor's/University degree, Master's degree preferred

Job Description

The mission of the Technology and Cyber Compliance and Operational Risk Office (TCCORO) is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides subject matter expertise to challenge Enterprise, Infrastructure, and Technology entities across the firm. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.

Responsibilities:

• Leads Governance Reporting related responsibilities from receipt of request to final delivery, including tracking, planning, coordinating, drafting, and distributing all related deliverables to meet expected target dates for applicable risk and control forums.
• Serves as TCCORO’s Governance Delegate to liaise between internal executive management and other risk functions.
• Prepares communications and reports, and develops associated presentations for senior management, stakeholders, and regulatory engagements.
• Contributes to the design, roll-out and governance of various reporting solutions.
• Supports the ongoing program management of governance activities across the TCCORO organization (i.e., tracking of deliverables for all committees, forums, working groups, regulatory inquiries, etc.)
• Identifies opportunities to enhance and contribute to the implementation of common processes and integrated technology platforms.
• Presents findings and analysis in a polished manner that is easily understood by internal and external business professionals at all levels.
• Executes ad-hoc activities for the TCCORO organization, including but not limited to drafting materials for presentations to senior leadership, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

• Proven experience in the Regulatory Interaction space (i.e., Exam coordination, Meeting materials, Follow Up Requests, Ongoing Supervision, ad hoc requests, etc.)
• 10+ years of relevant experience in Banking, Finance, or related consulting with a focus on governance, communications, and regulatory engagement responsibilities.
• A penchant for story telling using data and visualizations to socialize findings and insights to key executives and stakeholders.
• Strong written and verbal communications skills including the ability to track deliverables and articulate complex problems and solutions through concise and clear messaging; developed communication and diplomacy skills are required to guide, influence, and potentially convince others, in particular colleagues in other areas and occasional stakeholders (i.e., Internal Audit, Citi’s Regulatory Agencies, etc.).
• Ability to effectively prioritize complex projects and the skills to adapt quickly to new challenges and concepts, capable of navigating ambiguity and problem-solving issues in a heavily matrixed corporate environment.
• Highly organized and motivated self-starter with strong attention to detail and a teamwork-oriented approach
• Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization within and across project teams, functions and business units under tight timelines.
• Proficiency in MS Office applications (advanced expertise in Excel, PowerPoint, SharePoint, Teams a plus).

Education:

• Degree in finance, accounting, analytics, operations research, statistics, mathematics, or related data science or finance / economics with relevant work experience. Master’s degree preferred.
• Relevant certifications a plus.

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the