Cyber Security Fusion – Governance SVP

About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

The Info Security Prof Group Mgr is a senior management level position responsible for accomplishing results through the management of a team or department in an effort to prevent, monitor and respond to information/data breaches and cyber-attacks.The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.Responsibilities:

• Coordinate application testing efforts that support protecting the confidentiality, integrity, and availability of business information that are stored and processed
• Educate and advise business and technical leaders on the development, delivery and management of security solutions
• Define and implement security policies and standards, and provide periodic Information Security (IS) management reports
• Provide security oversight for major system designs and monitor the implementation of approved Corrective Action Plans
• Plan and implement IS administration for Information Technology (IT) projects, and plan short to medium term IS actions and resources
• Contribute to the evaluation and selection of applications and systems, focusing on IS implications
• Manage a large/complex team or multiple teams, including the people, budget, policy formation, and strategy planning
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.

Qualifications:

• 10+ years of relevant experience
• Proven experience with Databases preferred
• Additional technical certifications preferred
• Advanced analytical and problem solving skills
• Consistently demonstrates clear and concise written and verbal communication
• Proficient in interpreting and applying policies, standards and procedures
• Demonstrated ability to remain unbiased in a diverse working environment

Education:

• Bachelor’s degree/University degree or equivalent experience
• Master’s degree preferred

The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients' and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

Citi maintains two Cyber Security Fusion Centers (CSFCs) in the United States and Asia to act as its information and crisis response hub in its mission to strengthen Citi's resilience to cyber-attacks. 

The mission of the Cyber Security Fusion organization it to bring together expert teams to transform information on threats from internal and external sources into actionable intelligence and outcomes to support leadership decision making and reduce cyber risk.

The Cyber Fusion organization optimizes Citi's velocity of response, breaks down silos across reporting structures, and creates a unified channel of communications, data, and governance to senior leaders, member teams, and peers. These functions enable the CSFC to serve as the global and cross-business coordinating entity in disrupting threat actors, reducing vulnerabilities and risk, and minimizing any impact from cyber-attacks.

The Fusion organization is embarking on a global strategic transformation designed to further protect Citi from evolving threats through the creation of a data driven, threat-led program of work underpinned by the creation of net-new services, re-engineering of existing process to drive efficiency, and the implementation of strategic toolsets and capabilities.Job Description:

The Cyber Security Fusion Governance SVP will be responsible for partnering with the CSFC Governance Lead to build a new governance function within the Fusion Centre underpinned by a comprehensive Governance Framework to measure, monitor and report Cyber Security Operational risk to internal stakeholders, and appropriate supervisory groups, regulators. The governance function will be responsible for informing the decision making of strategic investments and operational scope through fusing governance data with operational data to ensure risk-based decision making and outcomes. This organization will also act as the liaison for the CSO organization with other internal risk functions, and external risk related activity.

The person in this role will interface and help to support interactions with Citi seniors, regulators, and supervisory groups on topics of cybersecurity and third-party risk.

A successful candidate must have the following characteristics: 

• World class knowledge of cybersecurity technologies, policies, and risk assessment/management practices.
• Specific experience with oversight and management of global supervisory parties.
• Specific experience of Cyber risk and governance organizations in a financial institution or large enterprise environment.
• Working knowledge of Cyber Security operations functions and common practices
• Working knowledge of software security models, modern software development practices and security toolsets.
• Highly analytical vision, data driven problem solving, security architecture & integration
• Excellent communications and presentation skills to influence and shape the image of the Cyber Security Fusion Centre
• Professional/technical direction and strategy

Responsibilities:

• Partnering with DSFC Governance Lead on the design and implementation of a CSO governance framework, associated metrics, and key risk indicators and associated stakeholder engagements with supervisory teams
• Running a day-to-day operational governance program to measure, monitor and report cyber operational risk
• Designing and implementing a governance data model to inform strategic and risk based decision making.
• Work under tight deadlines to handle multiple/detail-oriented tasks  
• Build a strong partnership with both internal teams and external organizations in relation to Cyber operations governance
• Engage regularly with audit, compliance, and regulatory bodies globally.
• Drive continuous improvement of organizational processes and operating model
• Identify areas that can be automated and further optimized and champion projects that enable these improvements
• Ensure that analysis, reporting, and metrics contribute prioritization and focus placed on most critical risks and threats

Qualifications:

• Bachelor's degree in Computer Science, Information Assurance, Computer Security, or equivalent
• Master Degree in a related field is highly desired, or equivalent years of experience
• A minimum of 7 years’ experience forming cyber analytical and/or operational teams
  • And any of the below:
• 5+ years experience in Audit or Operational risk management
• 5+ years experience with Intelligence Fusion
• 5+ years experience leading analysis teams

• Proven expertise in information security
• Experience with Cyber Intelligence Analysis and Cyber Fusion
• Proven ability to communicate succinctly and directly in oral and written presentations and documents, adhering to length, quality, audience and timeliness constraints.
• Desired certifications include CISSP or equivalent, CEH or equivalent

-------------------------------------------------

Job Family Group:

Technology

-------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Primary Location:

New York New York United States

------------------------------------------------------

Primary Location Salary Range:

$170,880.00 - $256,320.00

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting

-----------------------------

Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.