The Information Security Officer (ISO) Sr. Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's information security policy.
ISOs establish strong working relationships with businesses and are responsible for stakeholder management, execution of IS activities, and remediation and reporting of IS risks.
Responsibilities: Address security issues identified in the various information security programsReview and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target dateImprove the efficacy of governance processes by identifying risks, monitoring controls, and remediating issuesEstablish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issuesEnsure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standardsComplete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plansTest and validate that the business complies with applicable IS requirements; develop and implement IS policies and proceduresDetermine and validate appropriate level of controls are being implemented to safeguard sensitive dataDevelop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi RequirementsAssume informal/formal mentorship role within teams and assist with the coaching and training of new team membersHas the ability to operate with a limited level of direct supervision. Can exercise independence of judgement and autonomy. Acts as SME to senior stakeholders and /or other team members.Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citi, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency. Qualifications: +5 years of Information Security Risk Management or related business\technology experienceProficient in interpreting and applying policies, standards and proceduresConsistently demonstrates clear and concise written and verbal communicationProven influencing and relationship management skillsProven analytical skills Education: Bachelor's degree/University degree or equivalent experience
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
Relevant certification on information security such as CISA, CISM, CRISC or CISSP, desirable.
Fluent English.
Strong knowledge of cyber and information security controls.
Risk management skills and experience in identifying information security risk mitigants.
------------------------------------------------------
Job Family Group:
Technology------------------------------------------------------
Job Family:
Information Security------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting
#J-18808-Ljbffr