Business Information Security Officer – APAC Markets
The Information Security Operations (ISO) Lead Analyst is a senior level professional responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. Responsibilities:
- Support the implementation of the IS Training Plan, by verifying training participants completed the training and understand IS requirements
- Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams to improve O&T risk oversight
- Provide recommendations on IS aspects of projects and assess/report Corrective Action Plans to improve IS programs and initiatives
- Escalate significant risks to the Regional/Sector IS Leadership for information or required actions
- Attend and participate in internal/external IS forums and risk committees when necessary
- Improve processes, by removing deficiencies and enhancing current tools that reduce an overall risk profile
- Ensure security practices/standards compliance and reduce security risks through enhancing controls and minimizing weaknesses in Citi's applications portfolio
- Ensure audits are passed with a satisfactory audit rating for all IS topics
- Ensure non-compliant items are resolved through coordination with Business Manager and business staff
- Support the Global Information Security (GIS) policies, standards, and initiatives development and implementation
- Increase communication efficiency with cross-sector ISOs to resolve security issues that span multiple businesses
- Has the ability to operate with a limited level of direct supervision.
- Can exercise independence of judgement and autonomy.
- Acts as SME to senior stakeholders and /or other team members.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
- 6-10 years of relevant experience
- Proficient in interpreting and applying policies, standards and procedures
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills
- Proven analytical skills
- Bachelor's degree/University degree or equivalent experience
- Master's degree preferred
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
This role will also be supporting other ICG business and ISS projects in the region. Job Family Group:
Technology Job Family:
Information Security Time Type:
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi
View the " EEO is the Law
" poster. View the EEO is the Law Supplement
View the EEO Policy Statement
View the Pay Transparency Posting