About Citi:
is responsible for providing governance, oversight, risk management, and strategic planning for Chief Information Security Office (CISO); as well as Third Party Information Security Assessments (TPISA). The team is also responsible for CISO Program and Performance Management including oversight of CISO’s book of work, maintaining a CISO strategy aligned with industry and regulatory requirements, and CISO’s performance management processes to ensure key IS metrics are in place to determine compliance with Citi’s standards. In addition, the team is responsible for the governance and oversight of Risk Management programs across CISO.
Overview of the Role:
As theof Cyber Regulation Management, you will lead the Cyber Regulation Management program for CISO globally and be responsible for ensuring CISO adherence to the Citi Compliance Policy and Regulation Management standard as well as applicable cybersecurity regulatory requirements globally. This role partners closely with Citi Legal and ICRM to design, develop, and deliver information security regulatory programs for CISO. The overall objective of this role is to lead impact assessments of new and updated regulations applicable to CISO and ensure the organization is compliant with the requirements, providing guidance and support to CISO functions.
This role requires a broad and comprehensive understanding of the different regulations relevant to CISO as well as strong knowledge of cybersecurity and underlying technologies. The successful candidate will have demonstrated success and be highly adept at leading global programs, managing high profile regulatory commitments, aligning resources and strategic decisions and driving transformation across a complex enterprise to support cybersecurity goals.
Job Responsibilities
Serve as a subject matter expert on Citi’s regulatory programs and frameworks including GLBA, NYDFS, and PCI DSS as well as key European and Asia regulations.
Provides expert guidance on information & cybersecurity for regulations to manage risks.
Leads initiatives and manages high-impact project work streams with a results-driven focus to deliver solutions, including coordinating the implementation of new regulatory requirements.
Guides the completion of regulatory assessments and ultimately reviews and signs off to ascertain each assessment’s completeness and accuracy.
Works with the information security officer, functional owner, ICRM and Legal as needed to determine that projects meet regulatory requirements.
Partners with other ICRM teams and global functions, including Legal, Risk, Operations and Technology, and HR, to prevent and detect non-compliance issues and promote a culture of compliance.
Accountable for the quality, completeness, and accuracy of the implementation of the regulatory governance control analysis, remediation, applicability and mapping Framework.
Determines the need for policy updates, identifying opportunities to drive process and control standardization (MCA) enhancements and the development of improved monitoring controls and compliance metrics.
Executes risk control coverage strategy, ensures appropriate risk mitigation actions are in place and escalates to senior management as appropriate.
Guides CISO management in exercising control over Regulatory Operational and Compliance Risks in accordance with established Policy requirements.
Influences standards and procedures that conform to enterprise requirements and support sound operational and compliance risk management.
Responsible for managing and supporting multiple risk and control programs for the team including defining the strategy, approach, processes, and reporting.
Qualifications:
Candidate with 10+ years of relevant experience in Technology/Cybersecurity/Risk Management
Strong understanding of Risk Management, Cybersecurity and compliance within a large corporate environment
Broad understanding of relevant banking regulation and supervisory expectations for large complex financial institutions.
Well-developed listening skills and a strong ability to engage at the executive management level by providing proactive support and advice on a variety of risk matters.
Superior oral and written communication skills, and in particular ability to assess and contribute to the content of key risk and control reporting.
Strong leadership skills and demonstrated experience with a proven track record in driving positive and sustained change.
Ability to lead by example, strong influential and interpersonal skills, used to deliver results and push the organization agenda in a complex environment.
Strong ability to engage at the senior management level and demonstrated communication experience at different levels of organization
BS/BA degree in Technology, Cybersecurity, Risk Management or related fields
Risk Management | Full time | Irving Texas United States | $170,000.00 - $300,000.00