Enterprise Cybersecurity Risk Management: Enterprise Cybersecurity Risk Management is responsible for Cybersecurity Quality Assurance (QA) program, Cybersecurity Issue Management and CISO Residual Operation Risk (SROR) reporting. Cybersecurity QA team provides quality assurance services for Third Party Information Security Assessments, Information Security Risk Assessments, Vulnerability and Threat Management programs. Cybersecurity Issue Management is responsible for monitoring and reporting on CISO-owned issues as well as monitoring cybersecurity issues across the enterprise. CISO SROR program is responsible for partnering with key stakeholders within CISO and O&T to identify emerging risks within the environment and monitor and report on their remediation status.
Job Responsibilities :
This role with report to Enterprise Cybersecurity Issue Management Head, responsible for monitoring and reporting on CISO-owned issues and corrective action plans identified across all lines of defense as well as monitoring cybersecurity issues across the enterprise, providing thematic and trend analysis and reporting for CISO management.
This role will work directly with CISO business partners and CISO Risk Managers on monitoring ongoing internal audit reviews, escalating and reporting on audit, self-identified, regulatory, ORM and ICRM issues. The role will interface with Internal Audit and EO&T OTRC Group and will be responsible for disseminating guidance related to audit and issue management requirements, ICAPs Policy, addressing EO&T reporting requirements (EO&T RCM, BRCC etc.). Additionally, the role will:
• Ensure consistent and transparent practices for audit and issue management reporting across CISO.
• Drive continuous improvement for issue management program.
• Share best practices in the Audit and Issue management space.
• Serve as a liaison between CISO Businesses and EO&T OTRC by providing updates on audits and issues, addressing Escalation Policy requirements and updates to BRCC.
Qualifications :
• Bachelor's degree or equivalent work experience
• 5+ years of relevant experience in Risk Management / Internal Audit.
• Strong work ethic, excellent use of discretion and judgment.
• Ability to work under pressure, meet challenging deadlines.
• Ability to influence others and shape/obtain desired outcome in areas outside of direct control
• Ability to work independently and effectively in a large, global corporate environment
• Excellent communication skills, both verbal and written
• Excellent problem solving and analytical skills, proficiency in MS Office Suite
-------------------------------------------------
Job Family Group:
Corporate Services
-------------------------------------------------
Job Family:
COB & Crisis Management
------------------------------------------------------
Time Type:
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .
View the " EEO is the Law " poster. View the EEO is the Law Supplement .
View the EEO Policy Statement .
View the Pay Transparency Posting