The point where experts and best companies meet
Share
Overview of the Role
The Senior Vice President, Information Security Officer (Wealth - Digital and Partnership) is an intermediate level position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
Responsibilities:
Work directly with business, functions and technology units and relevant stakeholders to facilitate/ perform Citi’s IS risk assessment and risk management processes in order to protect information assets.
Work with business and technology management to drive the information security program and information risk management activities.
Work with the internal Applications Development function to drive the development of strategies and plans for improving both architecture and application security
Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of security controls and corrective actions to mitigate or remediate risks.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
Conduct and facilitate security reviews and table-top/red-team/scenario analysis exercises in conjunction with other Subject Matter Experts by monitoring changes in the risk profile and exposure for the application
Define secure configurations leveraging technical knowledge and problem solving skills in the network, database, API, Mobile and Web technology areas in accordance with the secure process and develop functional specifications and documentation
Assist with responsibilities over the technical strategy for an area, technical integrity of process, operations, and associated results
Participate in the evaluation and selection of applications and systems with specific focus on IS implications
Participate/provide, as required, IS awareness training programs for employees, contractors and approved system users.
Facilitate compliance with all Information Security policies, standards and regulations / directives as mandated by Global CISO Organization.
Provide oversight of Information Security Assessments across applications, infrastructure and business process. Ensure non-compliant items are resolved through coordination with Business Manager and business staff.
Qualifications:
10+ years of relevant experience
Additional technical certifications preferred
Demonstrated ability to take ownership and follow up on issues
Demonstrated ability to work in a team and to work well under pressure
Advanced analytical and problem solving skills
Consistently demonstrates clear and concise written and verbal communication
Proficient in interpreting and applying policies, standards and procedures
Demonstrated ability to remain unbiased in a diverse working environment
Sound understanding of Information security domains such as Identity access management, Cryptography, Data protection, Vulnerability Assessment, AuditLogging/Monitoring, etc.
Ability to manage multiple activities and changing priorities.
Ability to work under pressure and to meet tight deadlines.
Self-starter with ability to take the initiative and master new tasks quickly.
Good knowledge of software development processes (SLDC/Agile/Iterative/DevOps)
Education:
Bachelor’s degree/University degree or equivalent experience
Master’s degree preferred
Anticipated Posting Close Date:
View the " " poster. View the .
View the .
View the
These jobs might be a good fit