Information Security Officer - VP C13 (Hybrid)

About Citi:

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Enterprise Operations & Technology reengineers client and partner processes to deliver excellence through secure, reliable, and controlled services.

Trust is part of our DNA at Citi. As such, we take safeguarding our customer data very seriously. The Chief Information Security Office (CISO) is made up of deeply dedicated and talented colleagues who work together to ensure the safety of Citi’s and our clients’ assets and information. We manage information security as an end-to-end program – one with a clear mandate and accountability. Our mission is to continually execute and enhance a global security program that is fully anchored to modern control and security frameworks, fully aligned with the technology of the firm, threat-focused and data-driven, and deeply integrated across all Citi businesses globally.

Being talent-driven, we are focused on attracting, developing, and retaining diverse and inclusive talent with a high technical skill level. As a member of our team, we will provide you with career development opportunities at all stages of your career. Our employees model a passion for protecting Citi and our clients and believe in treating others with dignity and respect.

Our commitment to diversity includes a workforce that represents the clients we serve globally from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

Information Security Officer

This position supporting ICG (Institutional Clients Group) business in Citi and is tasked with the goal of preventing, monitoring and responding to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the Cyber risk in the ICG production environment is mitigated timely and the environment remains in alignment with Citi's Information Security policies and standards.

The successful candidate will demonstrate an extensive IS background with strong program/project management skills and should establish relationships with key stakeholders such as application managers, production support teams, domain architects, infrastructure teams, project managers, ICG Information Security Leadership, Information Security Officers and corporate functions 

Responsibilities:

• Drive the proactive execution of program deliverables within the Vulnerability Management program
• Manage performance and risk within Technology and Cyber Risk appetite
• Identify and implement process improvements within the target programs
• Act as the liaison and Subject Matter Expert for the Application Managers/Control Teams/ and the Corporate Citi Information Security Office teams
• Facilitate and ensure sector compliance with all IS policies, standards, and commitments including management metrics (Cyber Security Risk Appetite) associated with these programs
• Ensure risks are identified, assessed, mitigated and controlled, and assist Security Incident Response Teams as the Business IS Consultant
• Participate in enterprise and ICG-level working groups related to these programs and influence development or enhancement of related standards and policies
• Preemptively communicate Information Security strategies and plans to the ICG organization
• Influence Citi Information standard/polices, processes to drive risk reduction
• Appropriately assess risk when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency

Qualifications:

• 5+ years of experience in information security with a broad understanding of information security disciplines and domains
• 3+ years of experience managing projects/programs within Information Security domains
• 3 + years of experience in risk management in one or more of the following risk disciplines: technology risk, information security, operational risk, or audit and controls
• Strong understanding of IT risk impact in a financial services company preferred
• Advanced analytical and problem-solving skills with the use of automation for efficient processes
• Good understanding of IS domains such as, Vulnerability Management, SDLC/DevSecOps, Infrastructure Controls as well as understanding of financial applications and their business functionalities
• Advanced knowledge of IT Risk and Controls
• A confident, dynamic individual capable of working with both technology and business contacts in a constantly evolving environment
• Strong influencing / negotiation skills as well as written/verbal communication skills
• Strong attention to detail in terms of understanding the security and business impact of the vulnerability and best approach to remediate in a large-scale complex environment.
• Proactive approach to problem-solving and decision-making with limited supervision
• Proficient in MS Office products, particularly PowerPoint, SharePoint, Access & Excel

Desired Experience:

• Experience working in a highly regulated environment preferred (e.g.  Financial Services)
• Degree in Cyber Security, Computer Engineering, or Computer Science or equivalent discipline
• Security Certification preferred (CISSP, CCSP)

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned, as required.

This position is required to work in the office at least three days each week.

-------------------------------------------------

Job Family Group:

Technology

-------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Primary Location:

Irving Texas United States

------------------------------------------------------

Primary Location Salary Range:

$121,560.00 - $182,340.00

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting