The Info Security Prof Senior Mgr is a senior management level position responsible for accomplishing results through the management of a team or department in an effort to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
Responsibilities: - Establish and manage security solutions for a functional area
- Develop Corrective Action Plans for all IS gaps and monitor discovered issues to completion
- Facilitate the implementation of approved IS tools and identify and propose new or improved security solutions or emerging technologies
- Ensure IS compliance and seek opportunities to enhance the efficiency of IS policies and procedures
- Identify significant IS threats and vulnerabilities, and define appropriate controls for discovered threats, documenting the business response
- Communicate and discuss changes to IS regulations and standards with Business and Program owners
- Manage project deadlines, deliverables, planning, budgeting and policy formulation for the team, including short-term resource planning
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
Qualifications: - 6-10 years of relevant experience
- Database knowledge preferred
- Additional technical certifications preferred
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills
- Proven analytical skills
Education: - Bachelor’s degree/University degree or equivalent experience
- Master’s degree preferred
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
This position acts as a liaison with local business and functions team and the global Cybersecurity capacities in order to maintain a coordinated and consistent approach to address cyber-events (incidents), cybersecurity exercises and relevant cybersecurity related conversations (i.e. regulators, partners, vendors, peers, customers).
Cyber-simulation excercises experience.
Cyber exercises playbook definition.
Crisis Management Team (CMT) training,
Cybersecurity policy or standard definition.
Cibersecurity manager also leads a team of experts that will track any information security incident and ensure adequate compliance with regulatory requirements, including regulatory and customer notifications, guide the business and third parties on adequate incident containment and recovery and ensure adequate root/cause analysis are being developed and any learning action plans are addressed.
Qualifications:
• 8 years of relevant experience
• Proven experience with Databases preferred
• Additional technical certifications preferred (desirable)
• Knowledge in ISO27001
• Advanced analytical and problem solving skills
• Consistently demonstrates clear and concise written and verbal communication
• Proficient in interpreting and applying policies, standards and procedures
• Demonstrated ability to remain unbiased in a diverse working environment
• Fluent conversational English (spoken and written) (must)
• Ability to create network connections with senior management stakeholders
Responsibilities:
- Coordinate application testing efforts that support protecting the confidentiality, integrity, and availability of business information that are stored and processed
- Educate and advise business and technical leaders on the development, delivery and management of security solutions
- Define and implement security policies and standards, and prepare periodic Information Security (IS) management reports
- Provide security oversight for major system designs and monitor the implementation of approved Corrective Action Plans
- Contribute to the evaluation and selection of applications and systems, focusing on IS implications
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
Education:
- Bachelor’s degree/University degree or equivalent experience
- Master’s degree preferred
------------------------------------------------------
Job Family Group:
Technology
------------------------------------------------------
Job Family:
Information Security
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting