Expoint - all jobs in one place

The place where the best experts and companies meet


Citi Group Cybersecurity Controls Testing Lead - SVP Hybrid 
United States, Kentucky 
868294327

13.09.2024

Excellent management and communication skills are required to negotiate internally, often at a senior level. Developed communication and diplomacy skills are required to guide and influence others, in particular colleagues in other areas and occasional external customers. Accountable for controls testing results and advice regarding the controls execution. The role necessitates a degree of responsibility over technical strategy. Responsible for supporting the Enterprise Controls Testing Head on handling staff management issues, including resource management and allocation of work within the team/project.

Responsibilities:

  • Supports the Controls Testing Utility by assessing control design, designing control testing tools, developing control testing procedures, ensuring control testing transitions, dispositioning exceptions, and developing insights for all controls within the Technology & InfoSec organization.
  • Carries key responsibility for Control Design Assessment (CDA) by resolving escalations, defining the work plan, and designing the quality review process.
  • Performs decision-making of control testing design activity, which includes approving/signing-off, undertaking escalations, and owning Internal Audit and issue management related actions.
  • Approves testing procedures in Confluence and is responsible for delivering relevant procedures to Internal Audit reviews and issue remediation.
  • Maintains resource forecast for own team as well as forecasting for successful controls testing transition and Central Execution training.
  • Has the ultimate decision on controls testing outlier escalations.
  • Handles control testing interactions with senior managers at Director or Managing Director levels.
  • Represents control testing in Operational Risk Forums (ORF) and senior meetings as needed and works with each respective team to finalize materials.
  • Develops and drives quality-checking routines to ensure compliance with all relevant policies, operating guides, and owned control testing.
  • Supports team members on topics ranging from testing design and execution to performance management and control testing platforms basics.
  • Helps drive continuous improvements in accuracy, efficiency, timeliness, and quality of MCA control design assessment and controls testing.
  • Maintains relationships and drives accountability with partners and stakeholders to drive control testing's success in support of the business's strategy.
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
  • Supports other relevant work efforts of department where needed and as directed by their manager.

Qualifications:

  • 10+ years relevant experience, 5+ years in Risk & Controls roles, 5+ years of direct management experience preferred. Hands-on experience in the Finance function in a Global Bank would be a plus.
  • Good understanding of Financial Services products and services.
  • Expert in InfoSec Risk and Control, Cyber Risk Appetite, and industry frameworks and methodologies to enable robust Control Design Assessment and Control Testing.
  • Subject matter expert on controls design, execution and/or control testing.
  • Expert-level understanding of MCA (Managers Control Assessment) frameworks and processes.
  • Advanced skills in MS Word, MS Excel, MS PowerPoint, and MS SharePoint.
  • Effective communication, written and presentation skills.
  • Outstanding people and relationship management skills with the ability to influence others and foster a sense of collaboration.
  • Independent thinker and able to perform a credible challenge of businesses/functions.
  • Ability to work effectively on virtual teams, including across different geographies and time zones preferred.
  • Knowledge of human-centered design is an advantage.

Travel Requirement:

  • Less than 10%.

Education:

  • University degree preferred.

Responsibilities:

  • Guide and influence governance and the facilitation of the execution of the Manager Control Assessment (MCA, i.e., Risk & Control Self-Assessment) as required by the MCA Standard, including the assessment and appropriate approval of risk associated with business changes.
  • Responsible for the quality, completeness, and accuracy of the implementation of the Control Framework, including Risk Control Policy, Control Standard, Issue Management Policy, Lesson Learned Policy and Control Inventory.
  • Manage and allocate resource for the identification of issue root cause, partnering with control and process owners to recommend holistic corrective actions and improvements, and provide check and challenge to ensure appropriate escalation in accordance with Issue Management and Escalation Policies.
  • Assist in directing teams in the implementation of the Lessons Learned Policy, including monitoring of control breaches and dissemination of learnings across other business units for process improvement to limit the occurrence of similar future events and where similar risk exposure might exist.
  • Support review and challenge, within the FLUs, on the effective design and management of controls to mitigate risks as required by the Control Standards, including implementation and operation, conducting the control monitoring, handling deficiencies, and escalating issues for resolution.
  • Direct teams on the timeliness, accuracy and completeness of the MCA through controls prior to the execution of a process (QC).
  • Assess adherence to the MCA Standard through controls after the execution of a process (QA).
  • Exercise control over Operational and Compliance Risk in accordance with established Policy requirements.
  • Allocate resource to identify, assess, escalate, and manage risk exposures across Risk Categories (Operational, Compliance, Strategic, Reputational, etc.), including material, emerging and concentration risks in accordance with enterprise Policies and the establishment of Key Indicators to monitor risk exposures.
  • Assess Risk Appetite and monitor / assess exposures against this in accordance with enterprise requirements (if applicable).
  • Take ownership to identify, assess, record and respond to Operational and Compliance Risk events, ensuring these are captured accurately, timely and in accordance with requirements.
  • Responsible for ensuring that adequate governance and training are in place to support management of Risk profiles.
  • Assess the risks associated with New Activities and changes to the Business, ensuring these are well understood and adequately controlled (if applicable).
  • Support operational risk scenario analysis and stress testing for Operational Risk Capital requirements.
  • Take ownership of risk and control assessments or coordination for programs within various risk stripes and ensure sufficient subject matter expertise exists to enable management of these risks within the Business (e.g. third party, fraud, sanctions, etc.) (if applicable).
  • Take ownership to ensure that risk and control responsibilities and accountabilities are embedded within FLUs, including providing training and leading by example.
  • Guide and influence standards and procedures that conform to enterprise requirements and support sound operational and compliance risk management.
  • Apply knowledge of the business, products or services to identify and implement control points and processes throughout the business.
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behaviour, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Risk Management

Full time
Florence, Kentucky, United States
$134,960.00 - $202,440.00


Anticipated Posting Close Date:

Sep 19, 2024
