Citi Group Head Cyber Risk Functions Technology SVP 

United States, Texas, Houston 

916338927

Functions and Technology is an important enabler of Citi's strategy, supporting the needs of Finance, Risk, HR, Chief Data Office, Chief Operating Office Technology, Global Legal Affairs, and Compliance, Internal Audit, etc. Its mission is to deliver world-class technology solutions for Citi's Global Functions using common data, analytics, and platforms. Citi's Technology Infrastructure services cover 14 functions from End user services, Compute/Network/Storage/Data, Public/Private Cloud, Data Center hosting, Mainframe and Host systems to production operations. TheHead of Cyber Risk for Global Functions and Technology is

Position Overview:

Key Responsibilities:

• Develop and implement a comprehensive cyber risk strategy aligned with the company's overall risk appetite and regulatory requirements for global functions and technology business units.
• Establish and maintain a robust cyber risk management operations and ensure cyber risk exposures are managed within the defined company risk appetite, proactively identifying and addressing potential breaches.
• Prepare and present clear, concise, and insightful cyber risk reports to senior management and relevant risk committees, effectively communicating risk exposures and mitigation strategies.
• Build and maintain strong relationships with senior and mid-level managers across business, technology, and risk functions, acting as a trusted advisor on all cyber risk matters.
• Represent the First Line of Defense cyber risk perspective in various risk forums and committees, contributing to informed decision-making.
• Lead, mentor, and develop a team of cyber risk analysts, fostering a high-performance culture focused on collaboration and excellence.
• Identify emerging thematic cyber risk issues, analyze potential impacts, and develop proactive preventative and detective controls to mitigate these risks.
• Oversee the design, implementation, and ongoing assessment of cyber risk controls to ensure their effectiveness in reducing risk.
• Partner with the internal regulatory team to address cyber risk-related inquiries and ensure compliance with relevant regulations.
• Collaborate effectively with the CISO organization, Technology and Business Risk & Controls, Second Line of Cyber Risk, Internal Audit, and other relevant stakeholders.

Qualifications:

We are looking for a highly skilled and experienced individual with the following qualifications:

• Minimum of 10 years of progressive experience in cyber risk management, information security within the financial services industry.
• Proven experience leading and managing a team of cyber risk professionals.
• Demonstrated experience in developing and implementing cyber risk strategies and frameworks in a large, global organization.
• Significant experience interacting with senior management and presenting risk findings.
• Experience in 1st Line of Defense risk management and interfacing with regulators, auditors, and risk committees
• Ability to assess emerging threats, cyber risk trends, and define control strategies
• Deep understanding of cyber risk management principles, frameworks (e.g., NIST CSF, ISO 27001, Cyber Risk Institute Profile), and methodologies.
• Familiarity with regulatory requirements and compliance frameworks relevant to the financial industry (e.g., GDPR, CCPA, GLBA).
• Strong knowledge of various cyber threats, vulnerabilities, and attack techniques
• Experience with risk assessment methodologies (e.g., qualitative and quantitative risk analysis).
• Excellent data analysis and reporting skills, with the ability to translate technical findings into business-relevant insights.
• Experience in developing and implementing risk metrics and key risk indicators (KRIs).
• Understanding of technology infrastructure, cloud computing, and application development
• Exceptional communication and presentation skills, with the ability to effectively communicate complex technical information to both technical and non-technical1 audiences, including senior management.
• Strong leadership and team management skills, with the ability to motivate, develop, and inspire a team.
• Excellent interpersonal and relationship-building skills, with the ability to collaborate effectively with diverse stakeholders.
• Strategic thinking and problem-solving3 skills, with the ability to anticipate future risks and develop proactive solutions.
• Strong influencing and negotiation skills, with the ability to drive consensus and achieve desired outcomes.
• Ability to work independently and manage multiple priorities in a fast-paced environment.
• Strong analytical and critical thinking skills,4 with a keen attention to detail.
• High level of integrity and ethical standards.

Education/Certifications:

• Bachelor’s/University degree, Master’s degree preferred
• Relevant professional certifications such as CISSP, CISM, CRISC, or equivalent are highly preferred.

Anticipated Posting Close Date: