About Citi:Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.Citi’s Mission and Value Propositionexplains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all.Description:Operational Risk Management’s (ORM) mission is to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, emerging risks and to drive actions to address the root causes that persistently lead to operational risk losses. The objective is to reduce operational losses for Citi through preventive actions and solutions to effectively manage and mitigate significant operational risks and vulnerabilities that may arise within Systems and Technology processes.The Technology/Cyber Risk Analysis VP will be assigned to the ORM Technology/Cyber (T/C) Analysis and Reporting function, responsible for the evaluation, development, publication and briefing of multi-source analytical reports assessing technology and cyber risks to the firm globally. In addition, these reports will introduce an independent viewpoint on emerging technology issues impacting Citi. The candidate will be primarily responsible for developing, scoping, and delivering written deliverables that capture a strategic picture of the technical outputs of risk assessment tools. The candidate will also leverage subject matter expertise in applying risk management principles and methodologies to entities and analyzing and interpreting raw technology and security metrics. The candidate should have experience in risk management roles, information technology/information security audit roles, or a combination of the two. Key Responsibilities:
- Evaluate and produce technology analysis reports for the ORM-T/C organization including strategic analysis reports to offer an actionable deliverable interpreting technical outputs of risk assessment tools and to introduce an independent viewpoint on risks impacting Citi.
- Leverage internal and external methodologies and risk management principles to the technology and cyber domain within financial institutions.
- Contribute to building a risk rating methodology for prioritization of risk issues identified by the ORM-T/C organization.
- Interpret leading industry risk frameworks, and customize to the environment for risk management activities including prioritization. Manage internal projects on analysis issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of Citi’s first line of defense.
- Demonstrate a technical understanding of technology and cyber issues with a direct or indirect impact to the global Citi franchise.
- Examine first-line and external risk assessment output and control environments to assess emerging technology and cyberrisks to Citi, clients, and partners.
- Contribute written analysis to advance senior executive briefings on relevant technology and cyber issues.
- Build partnerships and develop working-level external information sharing relationships with other members of the financial sector, government agencies, and corporate analytical entities.
- Bachelor’s degree in computer science, management information systems, engineering, cybersecurity, international affairs, or intelligence-related field. Work experience in the Risk Management, Information Technology, or Information Security domains preferred.
- 5-7 years of experience working in the information technology or security field preferred. Demonstrates working technical knowledge of IT Risk, IT Audit/Compliance, Cyber Security, or Data Protection.
- Previous Risk Management background preferred.
- Strong writing skills distilling inputs from various sources and presenting a single point-of-view to a non-technical business audience, including Executives. Strong verbal communication and presentation skills; experience conveying judgments and conclusions of written reports to leadership in a meeting setting.
- Analytical experience in the technology or cyber domain required. Understanding of technical control environments.
- Experience working independently and managing multiple priorities; excellent time management.
- Technical certifications including GIAC, CEH, CISM, CISA or CISSP preferred.
- Strong understanding of risk frameworks, such as NIST, COSO etc. Maintains an understanding of various intelligence community and/or academic analytic integrity and tradecraft standards.
Job ID: 18024878