Citi Group Sr Information Security Officer Wealth - Digital Partnership Hybrid 

United States, New York, New York 

270956340

Overview of the Role

The Senior Vice President, Information Security Officer (Wealth - Digital and Partnership) is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

• Work directly with business, functions and technology units and relevant stakeholders to facilitate/ perform Citi’s IS risk assessment and risk management processes in order to protect information assets.

• Work with business and technology management to drive the information security program and information risk management activities.

• Work with the internal Applications Development function to drive the development of strategies and plans for improving both architecture and application security

• Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of security controls and corrective actions to mitigate or remediate risks.

• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.

• Conduct and facilitate security reviews and table-top/red-team/scenario analysis exercises in conjunction with other Subject Matter Experts by monitoring changes in the risk profile and exposure for the application

• Define secure configurations leveraging technical knowledge and problem solving skills in the network, database, API, Mobile and Web technology areas in accordance with the secure process and develop functional specifications and documentation

• Assist with responsibilities over the technical strategy for an area, technical integrity of process, operations, and associated results

• Participate in the evaluation and selection of applications and systems with specific focus on IS implications

• Participate/provide, as required, IS awareness training programs for employees, contractors and approved system users.

• Facilitate compliance with all Information Security policies, standards and regulations / directives as mandated by Global CISO Organization.

• Provide oversight of Information Security Assessments across applications, infrastructure and business process. Ensure non-compliant items are resolved through coordination with Business Manager and business staff.

Qualifications:

• 10+ years of relevant experience

• Additional technical certifications preferred

• Demonstrated ability to take ownership and follow up on issues

• Demonstrated ability to work in a team and to work well under pressure

• Advanced analytical and problem solving skills

• Consistently demonstrates clear and concise written and verbal communication

• Proficient in interpreting and applying policies, standards and procedures

• Demonstrated ability to remain unbiased in a diverse working environment

• Sound understanding of Information security domains such as Identity access management, Cryptography, Data protection, Vulnerability Assessment, AuditLogging/Monitoring, etc.

• Ability to manage multiple activities and changing priorities.

• Ability to work under pressure and to meet tight deadlines.

• Self-starter with ability to take the initiative and master new tasks quickly.

• Good knowledge of software development processes (SLDC/Agile/Iterative/DevOps)

Education:

• Bachelor’s degree/University degree or equivalent experience

• Master’s degree preferred

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the