Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Citi Group ISO Sr Analyst - C12 
Mexico, Mexico City 
872366284

25.06.2024

The Information Security Operations (ISO) Sr. Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.Responsibilities:

  • Address security issues identified in the various information security programs
  • Review and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target date
  • Improve the efficacy of governance processes by identifying risks, monitoring controls, and remediating issues
  • Establish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issues
  • Ensure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standards
  • Complete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plans
  • Test and validate that the business complies with applicable IS requirements; develop and implement IS policies and procedures
  • Determine and validate appropriate level of controls are being implemented to safeguard sensitive data
  • Develop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi Requirements
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision.
  • Can exercise independence of judgement and autonomy.
  • Acts as SME to senior stakeholders and /or other team members.
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.


Qualifications:

  • 5-8 years of relevant experience
  • Proficient in interpreting and applying policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills


Education:

  • Bachelor’s degree/University degree or equivalent experience


This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

  • 5+ years’ experience in IS and at least 3 IS programs including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment. Knowledge of key government regulations and local laws.
  • Project management experience.
  • Other Risk Management activities should be as Sector or business IS SME or some risk management role.
  • Excellent consulting and problem solving skills.
  • In depth knowledge of IS programs.
  • Advanced presentation skills, program management, and relationship management skills.
  • Excellent knowlege in IS regulatory requirrements (for IS)
  • Able to work with senior business management to implement IS strategy.
  • University degree, in any technical or adminstration career is desirable
  • Desirable Professional certification, such as CISSP, CISM , CISA or willingness to obtain certification within 12-18 months of start date
  • Exhibit strong influencing / negotiation skills as well as written/verbal communication skills.
  • intermediate English

Information Security


Time Type:

Full time

View the " " poster. View the .

View the .

View the