Cyber Risk Analyst - AVP
Are you looking for a career move that will put you at the heart of a global financial institution? Then bring your skills and experience within data analytics, technology and/or cyber risk assessments to Citi’s Operational Risk Management (ORM) team.
By Joining Citi, you will become part of a global organization whose mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress.
Team / Role Overview:
This role sits in the Technology and Cyber Compliance and Operational Risk Office (TCCORO) which is within Citi’s wider ORM business and is the firm’s reliable second set of eyes. ORM provides enterprise-wide oversight and aggregation of operational risk across all Businesses.
Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscience of the bank. In line with the ORM and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.
This position actively works with our ORM and Compliance partners and other stakeholders to provide support to our oversight and challenge activities with the components of our operational and compliance risk management frameworks. A successful candidate should have foundational expertise in how technology and cybersecurity risks are effectively managed in a large financial institution.
What you’ll do:
- Supports the review of compliance and technology and/or cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and/or cyber risks.
- Assesses technology and/or cyber risks and evaluates actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices.
- Supports independent assurance activities to assess areas of concern including substantive and controls testing.
- Supports the monitoring, evaluation, and challenge of Key Risks and associated Key Risk Indicators triggers and thresholds.
- Reviews potential risks associated with program/project delivery on a technical level.
- Participates in various second line of defense technology and/or cyber assessments including risk assessments, control assessments, maturity assessments etc.
- Assesses technology and/or cyber risks associated with new initiatives and programs being proposed for implementation.
- Supports the challenge of the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the technology and/or cyber risk appetite.
- Supports ad-hoc activities for the TCCORO organization, including but not limited to: researching and drafting materials for presentations of deep dives into selected topics, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting.
- Helps to appropriately assess risk when business decisions are made, demonstrating knowledge for the firm's reputation and safeguarding Citigroup, its clients, and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, and applying sound ethical judgment.
What we’ll need from you:
- 5 years’ experience in data analytics, technology and/or cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex organizations.
- Understanding of technology and/or cyber risks and controls across various information system architecture and engineering domains including: data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management.
- Knowledge and understanding of industry standard risk management frameworks (including ISO27001 and COBIT).
- Excellent attention to detail with effective written and verbal communication skills.
- A self-starter, flexible, innovative, and adaptive individual who is also able to manage repetitive tasks.
- Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization.
- Ability to work collaboratively with regional and global partners in other functional units; and to navigate a complex organization.
- Excellent organizational skills in order to handle multiple projects at one time.
- Proficient in MS Office applications (Excel, Word, PowerPoint).
- Bachelor’s/University degree or equivalent experience.
What we can offer you:
Excellent exposure to a variety of businesses such as Payments, Trade Finance, Digital Assets to name a few. This is an ever-changing opportunity pivoting with the market as it moves.
By joining Citi Solutions Centre Poland, you will not only be part of a business casual workplace with a hybrid working model (currently up to 2 days working at home per week), but also (potentially, subject to final offer) receive a competitive base salary and enjoy a whole host of additional benefits which can include:
- Employer paid Defined Contribution Pension Plan contribution of 6% of employee’s pensionable earnings (PPE Program)
- Employer paid Private Medical Care Package for employees and Private Medical Care Packages for certain family members available at preferential rates
- Employer paid Life Insurance Program for employees and Life Insurance for certain family members available at preferential rates
- Employee Assistance Program financed by Employer
- Paid Parental Leave Program (maternity and paternity leave; statutory and 2 weeks additional paid paternity leave)
- Sport Card for employees subsidised via Social Benefits Fund and Sport Cards for certain family members available at preferential rates
- Additional benefits from Company’s Social Benefit Fund, in particular: Holidays Allowance, support for sport and cultural activities, team building events.
- Additional day off for volunteering
- Cafeteria/ flex benefit – a company benefits system which enables employees to select and purchase benefits offered by a provider and available for employees on the platform.
- Opportunity to receive an annual discretionary incentive award
- Special offers and discounts for employees.
Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.
Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.
#LI-TM3
------------------------------------------------------
Job Family Group:
Risk Management------------------------------------------------------
Job Family:
Operational Risk------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location Full Time Salary Range:
zł165,020.00 - zł280,980.00------------------------------------------------------
Most Relevant Skills
Analytical Thinking, Control Monitoring, Credible Challenge, Governance, Issue Management, Operational Risk, Policy and Procedure, Policy and Regulation, Risk Controls and Monitors, Risk Identification and Assessment.------------------------------------------------------
Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.------------------------------------------------------
Automated Processing and AI
We use automated processing, including artificial intelligence, for our legitimate business interests (or our reasonable and appropriate business purposes) to identify and align the candidate's skills and abilities with a specific job opening. Additionally, if you so choose, or consent, we can match your skills and abilities to other suitable roles at Citi.
Importantly, all our hiring processes and decisions, including determining your suitability for a role, are conducted, checked, and decided by individuals. Our automated processing and AI do not involve relying on automatic or autonomous decision-making. Please refer to any Jurisdictional Considerations, with specific provisions for your country (where relevant) for further details.
------------------------------------------------------
This job opening is for an existing job vacancy.
------------------------------------------------------
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.
If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.View Citi’s EEO Policy Statement and the Know Your Rights poster.