Senior Audit Manager - Cyber / InfoSec
The Senior Audit Manager role is a Cyber/ InfoSec Subject Matter Expert (SME) position within Internal Audit team focused on providing deep technical knowledge to the audit delivery team across Cyber/ IS domain such as Cryptography and Security Architecture; by sharing industry knowledge/ best practices, performing focused reviews, developing thought leadership/ training content and analyzing emerging trend/ regulatory landscape.
Key Responsibilities:
- Provide SME input on audits in the Cyber/ IS domain
- Develop and update Cyber Security Audit program/ Risk and Control Metrics for IA team
- Perform focused review on key/ emerging themes in Cyber/ IS domain
- Develop and deliver Training Content in Cyber/ IS audit domain
- Develop innovative solutions for improving audit efficiency and effectiveness
- Deliver audit reports, Internal Audit and Regulatory issue validation and business monitoring and governance committee reports
- Partner with other IA Senior Managers, Directors and Managing Directors to develop approaches for addressing broader corporate emerging issues
Qualifications and Competencies
- BA/BS or equivalent. Related certifications (CISSP, CISA, CIA or similar) are a plus. Additionally, this role will also require proven understanding of industry Cyber Security frameworks such as NIST CSF, MITRE etc
- Project management requirements based on specific initiative such as deep dive reviews, knowledge management or innovation initiatives undertaken by the role.
- Subject matter expertise in auditing general and application controls across a variety of technologies and platforms using IS best practices and standards, including the NIST Cybersecurity and Risk Management Frameworks, and a solid business understanding of technology infrastructure products experience with associated with the banking and financial business.
- Knowledge and experience in developing and executing IS risk assessments that align to organizational strategies and business objectives.
- Works independently with demonstrated experience in managing technology audits and projects according to strict timetables and quality standards.
- Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
- Articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style, well-developed listening skills, and a strong ability to engage a variety of stakeholders, including senior officials, security professionals, regulators, and business executives, on a variety of technical audit matters that is audience-appropriate, risk-based, and actionable.
#NAMInternalAudit
Ideally the candidate should have more than 15 years of experience in various Cyber domains and able to demonstrate development of technical content, thought leadership in this area
The person would be senior Cyber SME to support thought leadership, deep dive reviews, test work program creation under Cyber domain.
-------------------------------------------------
Job Family Group:
Internal Audit-------------------------------------------------
Job Family:
Audit------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location:
New York New York United States------------------------------------------------------
Primary Location Salary Range:
$158,140.00 - $237,200.00------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting