Citi Group Senior Vice President Business Risk Group Manager 

United States, Florida, Fort Lauderdale 

501681640

Overview of the Organization:

Overview of Chief Information Security Office (CISO):

The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

• CISO Governance, Risk & Control, and Policy is responsible for providing governance, oversight, risk management, and strategic planning for CISO; as well as Third Party Information Security Assessments (TPISA). The team is also responsible for CISO Program and Performance Management including oversight of CISO’s book of work, maintaining a CISO strategy aligned with industry and regulatory requirements, and CISO’s performance management processes to ensure key IS metrics are in place to determine compliance with Citi’s standards. In addition, the team is responsible for the governance and oversight of Risk Management programs across CISO.
• CISO MCA, Regulatory Management, Controls, and Quality Assurance is responsible for Cyber MCA Governance and CISO MCA Transformation, Cyber CoB, TPM Governance, and Records Management, Cyber Quality Assurance services for Third Party Information Security Assessments, Information Security Risk Assessments, Vulnerability and Threat Management programs. Additionally, the team supports Cyber Regulation Management which involves managing new and updated regulations through conducting thorough impact assessments and ensuring closure of action plans.

Overview of the Role:

Responsibilities:

• Provide guidance and support to CISO process owners in all activities related to managing CISO processes and Global Process Profiles (GPMPs)
• Provider oversight for cybersecurity controls, guide CISO organization for control monitoring and testing.
• Manage the planning, coordination, and execution of MCA Transformation program for CISO
• Gain deep knowledge of MCA Standard, Process and tools to support future state MCA.
• Liaise with Technology MCA Team, Central Controls organization and Central Testing Utility in meeting Consent order deliverables and establishing testing strategy for cyber controls.
• Identify and document key controls necessary for mitigation of cybersecurity risk.
• Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
• Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
• Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
• Directly support efforts on creating and implementing Global Process Profiles for CISO processes and support future state MCA governance.
• Support CISO businesses in second and third line reviews and challenges related to MCA.
• Actively manage relationships with engineering, operations, application, and risk management teams to achieve sustained success.
• Educate and train CISO staff at all levels on Manager’s Control Assessment and respective Policies and Standards.
• Manage the team inclusive of responsibilities for 1x1s, staff calls, performance assessments and continuing planning.

Qualifications:

• Experience in Operational Risk Management, Manager’s Control Assessment, Controls Standard, Enterprise Architecture Process governance, Information Security, Cybersecurity, Risk Management, Governance, Risk and Control (GRC)
• Risk Management, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)

Critical Competencies:

• Innovate and demonstrate the passion and initiative required to enable growth and progress
• Bring creative approaches to help us drive value for clients
• Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
• Demonstrate clear and concise written and verbal communication
• Proven influencing and relationship management skills
• Strong work ethic, ability to work under pressure, meet challenging deadlines
• Proven analytical skills
• Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
• Familiarity with data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
• Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the