Citi Group Cybersecurity Manager Control Assessment MCA Analyst AVP 

United States, Texas, San Antonio 

555586132

CISO Governance, Control, and Policyis responsible for providing governance, oversight, risk management, and strategic planning for CISO; as well as Third Party Information Security Assessments (TPISA). The team is also responsible for CISO Program and Performance Management including oversight of CISO’s book of work, maintaining a CISO strategy aligned with industry and regulatory requirements, and CISO’s performance management processes to ensure key IS metrics are in place to determine compliance with Citi’s standards. In addition, the team is responsible for the governance and oversight of Risk Management programs across CISO.

Responsibilities:

• Manage the planning, coordination, and execution of MCA Transformation program for CISO
• Help lead efforts on creating global process profiles for CISO processes
• Gain deep knowledge of MCA Standard, Process and tools to support future state MCA.
• Support CISO Process and Control owners in their responsibilities related to MCA execution.
• Identify and document key controls necessary for mitigation of cybersecurity risk.
• Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
• Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
• Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
• Educate and train people at all levels on how to apply basic tools and methodologies to achieve improvement objectives
• Establish relationships that balance short-term gains with long-term considerations

Qualifications:

• 5+ years of experience in Manager’s Control Assessment, Operational Risk, Information Security, Cybersecurity, Risk Management, Governance, Risk and Control (GRC)
• Risk Management, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)

Critical Competencies:

• Bring creative approaches to help us drive value for clients
• Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
• Demonstrate clear and concise written and verbal communication
• Strong work ethic, ability to work under pressure, meet challenging deadlines
• Proven analytical skills
• Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
• Familiarity with data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
• Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus

Anticipated Posting Close Date:

View the " " poster. View the .

View the .

View the