Head of APAC Information Security Services
As a senior role within Citi's CISO organization, the Head of APAC Information Security Services leader will play a critical role in the organization, both internally and externally, in the face of the recent regulations impacting the financial services industry. The role will:
- Serve as the front person for several global and local projects put in place to continuously strengthen our cyber risk posture across Asia, given the fast-paced evolution of cybercrime in that region;
- Directly lead a team of full-time IS professionals including Business Information Security Officers (BISOs), Technical Information Security Officers (TISOs), and Group Information Security Officers (GISOs) who are fully accountable for all IS activities, program implementation, and oversight for the various APAC areas they support.
- Direct staff in the implementation and coordination of security processes, tools, and solutions within the APAC operations, technology and business areas to meet both business and data protection requirements.
- Monitor the adherence of Asia Pacific business and support functions to the Global defined IS standards and programs, working with the Heads of ISS and Cyber Security Services (CSS) as well as Regional O&T management to ensure exceptions and issues are properly raised to senior management's attention;
- Represent the Regional Information Security Office in IS and/or business forums.
- Work in close connection with IS workforce throughout Asia Pacific, to ensure the IS strategy is communicated and executed on a consistent manner;
- Act as the liaison with audit and/or external reviewers, reporting status and concerns to CISO management and other stakeholders;
- Support global teams in the deployment of new developments in the IS arena including, but not limited to mergers, acquisitions or divestitures; deployment of global security / monitoring tools; revised risk assessment frameworks and/or methodologies, etc.;
- Work with the business and technology partners, as well as peer control functions, for the identification of emerging risks affecting the region and, whenever applicable, propose corrective action plans, making sure they are aligned with global practices and strategic initiatives;
- Maintain in-depth knowledge of the full spectrum of Citi IS and Cyber-security programs, and leverage this knowledge to coordinate sound risk assessments to determine the potential threats or risks the regional business groups are exposed to;
- Establish sound connection with business partners, working to consolidate and increase Information Security as a key business driver for the organization;
- Support the region in the identification and development of new talent to compose the regional IS workforce, for both succession and team expansion purposes, ensuring the people are exposed to challenges which are commensurate with their potential, skillset and seniority levels;
- Partner with the other Citi Information Security Officers across the enterprise to ensure known and emerging risks are accounted for and communicated to the right levels of management, helping the business leaders to make the best decisions on how to deal with threats against Citi's information assets.
- Degree in Information Technology, Engineering, or Business (Advanced Degree Preferred)
- 10+ years of experience in Information Security in a highly regulated industry such as Finance, Healthcare, and/or Government within a large multi-national organization with a global scope with high influence requirements.
- 6-10 years of people management experience across a global organization.
- Must have demonstrated knowledge of information security standards (e.g. ISO 27001), rules and regulations related to information security and data confidentiality (e.g. PCI, NIST, NSA) and other various security standards and policies.
- Must be able to understand not only emerging industry trends as far as information security is concerned, but it is equally important to understand the landscape of emerging threats and drive appropriate adjustments within the program.
- Able to operate in a highly matrixed environment.
- Exceptionally strong matrix management skills.
- Strong leadership, strategic thinking, and planning abilities.
- Strong interpersonal and communication skills with the ability to influence at all levels of the organization, while being able to simplify complex IS topics for understanding and critical decision making by APAC Senior management.
- Excellent problems solving abilities and analytical skills; proven ability to meet challenging deadlines.
- Ability to apply a broad and comprehensive understanding across multiple functional areas.
- Strong work ethic, and an excellent use of discretion and judgment.
- Ability to organize, prioritize, and lead multiple deliverables across a large, global corporate environment.
- Industry certification(s) in Information Security such as CISSP, CISM, or CISA.
Grade :All Job Level - All Job FunctionsAll Job Level - All Job Functions - SG ------------------------------------------------------
Time Type :Full time ------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity CLICK HERE .
To view the "EEO is the Law" poster CLICK HERE . To view the EEO is the Law Supplement CLICK HERE .
To view the EEO Policy Statement CLICK HERE .
To view the Pay Transparency Posting CLICK HERE .