Citi Group Technology & Cyber Risk Senior Officer - Compliance 

Poland, Masovian Voivodeship, Warsaw 

93667993

Responsibilities:

• Supports the design, development, delivery and maintenance of best-in-class compliance programs, policies and practices.
• Assesses risks and evaluates compliance with various regulatory and legal requirements, identifying and addressing potential risks.
• Analyzes comparative data, prepares and maintains regional / global reporting related to compliance risk assessments and monitoring of compliance related issues.
• Investigates and assists with responses to compliance risk issues, including: preparing required documentation, making recommendations to senior management, and preparing responses to any regulatory inquiries.
• Monitors adherence to Citi’s Compliance Risk Policies and relevant procedures and recommends actions to ensure continued alignment with the firm’s risk appetite.
• Stays abreast of regulatory changes, new regulations, and internal policy changes to identify new key risk areas.
• Supports ad-hoc activities for the TCCORO organization, including but not limited to: researching and drafting materials for presentations of deep dives into selected topics, coordinating deliverables related to regulatory inquiries, and maintaining associated data for executive reporting.
• Helps to appropriately assess risk when business decisions are made, demonstrating knowledge for the firm's reputation and safeguarding Citigroup, its clients, and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, and applying sound ethical judgment.

Qualifications:

• 5-8 years of relevant experience
• Experience in reading and interpreting long and complex laws, rules, or regulations.
• Knowledge of Compliance laws, rules, regulations, risks and typologies relevant to the coverage area.
• Experience in compliance risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed and diverse organizations.
• Understanding of compliance risks and controls across various information system architecture and engineering domains including: data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management.
• Knowledge and understanding of industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of compliance risk mitigation strategies.
• Excellent written and verbal communication skills.
• Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization.
• Ability to work collaboratively with regional and global partners in other functional units; and to navigate a complex organization.
• Excellent project management and organizational skills and capability to handle multiple projects at one time.
• Proficient in MS Office applications (Excel, Word, PowerPoint).

• Bachelor’s/Universitydegree or equivalent experience
• Relevant certifications in CISM, CRISC, CISSP, CISA, or PMP a plus

Time Type:

View the " " poster. View the .

View the .

View the