ICG Technology Controls Officer - Vice President
Technology Controls Officer is required to manage, implement and maintain a cohesive, effective, efficient, coordinated, and consolidated controls governance model in support of Institutional Client Groups (ICG) Technology. Working closely with a dynamic business in a large and diverse environment, you will be:
- Responsible for establishing strong working relationships with Application Development, Information Security, Continuity of Business, as well as other Business/Operations/Infrastructure Risk Management teams.
- Coordinate Business As Usual (BAU) activities, overseeing Risk and Control activities. Provide assistance to application owners/management team to ensure Risk and Control issues and initiatives are addressed timely.
- Coordinate technology components of Internal and External audits. Assist development teams in responding to audit requests, perform review of results for completeness and accuracy as needed.
- Coordinates end to end MCA process through the interaction of multiple levels of management as well as global risk and control teams. Facilitates the effective management of technology risk. Works with Technology managers to define and create Controls for their area. Monitors risk mitigation and oversight processes. Keeps Senior Technology Leaders aware of control activities.
- Identify control deficiencies through technology self-assessment testing, risk and control initiatives, and BAU meetings/discussions. Monitor progress of corrective action plans.
- Coordinates work with SMEs of various Technology related processes to create documents for Senior Technology Managers focused on audit and regulatory readiness perspective. Oversight on the communication flow in one to one meetings and email messages to ensure senior managers receive awareness and initiate corrective actions.
- Coordinates Issue and CAP management process, identifying root causes, impacts to business, and corrective actions.
- Work with the Risk and Control teams to analyze the latest program and project scorecards, preparing executive summary reports for IT management.
- Facilitate compliance with Citi policies, standards, and regulations.
- Perform and report on trend analysis, determine opportunities for process improvements.
- Analyzes emerging technology exceptions and supports Technology Managers on solution designs to mitigate business exposure by leveraging expert analytical and technical skills.
- Be the manager's backup of Technology Forums and escalate major technology exceptions to senior management.
- Develops open communication and collaborative interaction with Technology areas and multiple groups with influence in the development process.
- Possesses extensive experience in the application and integration of globally accepted technology standards and technology control solutions to identify opportunities for process improvement. Coordinates alignment of processes across regions, where possible.
- Works closely with other Risk and Control teams (OTRC, ORM, etc) to address supporting actions of Technology teams.
- Schedules, hosts, and drives meetings with multiple levels of management, requiring strong communication, influence skills, and diplomacy.
- Manage one or more teams of Tech Controls Analysts and security Tech Controls for multiple IT functional areas.
- May coach/motivate staff; manages performance; makes compensation decisions; ensures staff career development. Address training and development needs for assigned personnel.
- Bachelor's/University degree, Master's degree preferred
Knowledge / Experience:
- Experience performing IT Business Analysis, Project Management, or similar work required.
- Minimum of 10 years of experience in Audit, Information Security or Risk Management.
- Awareness and execution of the Risk and Control Self-Assessment (RCSA), Managers Control Assessment (MCA), or other technology self-assessment processes is an advantage.
- Knowledge of service management (ITIL) with previous working experience in process improvements is an advantage.
- Experience in the application and integration of globally accepted Technology Controls standards.
- Previous experience performing Internal and/or External Audit coordination is an advantage.
- Previous experience in Production Support and Application Development roles is an advantage.
- Industry certifications, such as CISA, CISSP, and PMP would be an advantage.
- Superb interpersonal, written, and verbal communication skills
- Good organizational skills, ability to work under pressure and prioritize within tight deadlines while maintaining total accuracy.
- Ability to influence others and quickly earn the confidence of others.
- High level of attention to detail.
- Self-starter and able to work in a diverse, global environment.
- Ability to analyze large amounts of data, decipher items relevant to the development unit covered, and determine corresponding risk.
- Ability to work as part of a team and also independently under own supervision.
- Possess the ability to develop and maintain good working relationships with various levels of management.
- Ability to coordinate/manage initiatives from end-to-end with minor supervision.
- Strong knowledge of Microsoft Office with Excel, Outlook, and PowerPoint skills.
- Strong affinity to manage Control practices demonstrating a pragmatic risk-based approach.
Job Family Group:
- Formulates and defines systems scope and objectives for complex projects through research and fact-finding combined with an understanding of applicable business systems and industry standards.
- Consults with users and clients to solve issues/problems through in-depth evaluation of business processes, systems, and industry standards; recommends solutions.
- Considers the business implications of the application of technology to the current business environment; identifies and communicates risks and impacts.
- Provides understanding of business analysis concepts and principles with a basic knowledge of concepts and principles in other technology areas.
- Applies comprehensive understanding of how multiple areas collectively integrate to contribute towards achieving business objectives.
- Provides evaluative discernment based on analysis of factual information in complicated and unique situations.
- Appreciates differences in style or perspective and uses differences to contribute to decisions or actions and organizational success.
- Encourages the sharing of ideas and best practices to ensure understanding and optimize business outcomes. Identifies and utilizes diversity and strengths of team to achieve optimal performance.
Risk Management Job Family:
Operational Risk Time Type:
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi
View the " EEO is the Law
" poster. View the EEO is the Law Supplement
View the EEO Policy Statement
View the Pay Transparency Posting