The Group Information Security Officer is a senior management level position responsible foraccomplishing results through the management of a team or department in an effort to prevent, monitor andrespond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the
execution of Information Security directives and activities in alignment with Citi's data security policy.
- Support the implementation of Information Security (IS) Training Plan, by verifying trainingparticipants completed the training and understand IS requirements
- Support the APAC CISO, APAC ISS Head, and GCB CISO in leading the Regional GCB IS team to formulate and
implementing IS strategy via key initiatives aimed at reducing IS risk for the organization.
- Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams toimprove O&T risk oversight
- Attend and participate in internal/external IS forums and risk committees when necessary andprovide IS updates to the business
- Ensure stakeholders are held accountable for IS controls, and understand responsibilities inrisk mitigation and remediation
- Improve processes, remove IS deficiencies and enhance current tools that reduce an overallrisk profile
- Ensure security practices and standards compliance to reduce the likelihood of audit,regulatory and legal liabilities and reduce security risks by enhancing controls and minimizingweaknesses in Citi’s applications portfolio
- Ensure non-compliant items are addressed through coordination with Business Manager andbusiness staff
- Support CISO (Chief Information Security Office) policies, standards, and initiativesdevelopment and implementation
- Provide guidance on IS aspects of projects in support of business initiatives
- Establish communication channels with cross-sector ISOs to efficiently tackle security issuesthat span multiple businesses
- Manage project deadlines, deliverables, planning, budgeting and policy formulation for theteam, including short-term resource planning
- Appropriately assess risk when business decisions are made, demonstrating particularconsideration for the firm's reputation and safeguarding Citigroup, its clients and assets, bydriving compliance with applicable laws, rules and regulations, adhering to Policy, applyingsound ethical judgment regarding personal behavior, conduct and business practices, andescalating, managing and reporting control issues with transparency, as well as effectivelysupervise the activity of others and create accountability with those who fail to maintain thesestandards.
- Collaborate and influence peer GISOs across the globe in building a forward lookingInformation Security program
- 10 years of relevant experience preferably in the Financial Industry
- Industry certifications such as CISSP/CISM/CCSP preferred
- Demonstrated ability to interpret and apply information security policies, standards andprocedures
- Demonstrated ability to perform IS risk assessments
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills, especially with Senior management
- Proven analytical and strategic thinking skills
- Consumer Banking (Retail, Cards, Digital, and Consumer Operations) domain knowledge preferred
- Strong collaborative and communication skills required. Should be highly dependable teamplayer with ongoing commitment to excellence
- Effective leadership skills with the ability to create empowered teams including knowledgesharing, documentation, timeliness and proactive planning.
- Bachelor’s degree/University degree or equivalent experience
Citi Return To Work Programme Welcomes You If You Have:
- Taken a career break of 6 months or more*
- A degree or higher educational qualifications
- Relevant working experience
- Those currently working are also welcomed to apply
**When you are being redirected to Citibank career site, please make sure to choose “Halfthesky” under “Job Boards” when you fill in “How Did You Hear About Us?*” field, so we can follow up on your application directly with the Recruiter who’s responsible for the role.