• Competitive
  • Singapore
  • Permanent, Full time
  • Citibank NA
  • 25 Apr 18

Technology Information Security Officer (ATM Security)

Technology Information Security Officer (ATM Security)

  • Primary Location: Singapore,Singapore,Singapore
  • Education: Bachelor's Degree
  • Job Function: Technology
  • Schedule: Full-time
  • Shift: Day Job
  • Employee Status: Regular
  • Travel Time: Yes, 10 % of the Time
  • Job ID: 18012390


Description

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients. 
Citi's Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients' and the public's trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities. 
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all. 
Job Description:
The Technology Information Security Officer(TISO) will work with the system development areas to ensure proper technology risk considerations are addressed at each phase of the system development life cycle and provide proactive solutions to correct exposures or mitigate risk. Interpret security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. Internet, client server, distributed, mainframe, etc.) in designing solutions, recommending enhancements or defining mitigating controls to existing systems. The individual should demonstrate an understanding of application security and will exercise judgment within existing practices and policies.  
Responsibilities:
  • Ensure the technology compliance with Information security standards of ATM infrastructure and applications and also participate in ATM vendor assessment for Citi Consumer Group
  • Acts as leader for the security of complex programs/projects for the assigned application portfolio
  • Drives consistent implementation and execution of Information Security in programs/projects for a set of business applications
  • Assists GISO in responding to security events by initiating and coordinating emergency actions across and as applicable to the corresponding application portfolio to protect the business and its customers from an imminent loss of information or value
  • Leads IS review for assigned set of applications catering to ATM infrastructure and applications and also participate in ATM vendor assessment for Citi Consumer Group via agile SDLC programs/projects/initi atives


Qualifications

  • BS/BE degree in Information Security/ Computer Science/Electronics and Engineering /Information Technology
  • 8+ years of experience in Information Security area related to one or more of the areas: Application Design and Development, ATM  Security, Security event management, ethical hacking
  • Must be able to understand detailed technical procedures, Agile SDLC projects and Web Development Architecture, Ethical Hacking Process;
  • Must have a strong knowledge in application security, cryptography, Key management, Interface Security, Application security (development and interfaces), SSL, HTTPS, VPNs
  • Must be able to apply Risk management principles and balance IS priority
  • Knowledge of the following ATM technology or ATM Security skills will be a strong plus point
    • Hardware/Device - Device Pairing, Anti-Scheming, temper-proof, etc.
    • OS - Hardening, Functional ID management, BitLocker HDD encryption
    • Network - TLS 1.2, SHA256, MSPKI for 2-WAY TLS, VPN for ATM
    • Application -Secure coding practice, Vulnerability Assessment, code scanning, AppLocker Security, PCI 3.0 compliance
    • Transaction - fraud detection, EMV chip security
  • Self-motivated with the ability to work independently and as a team member with minimal direction
  • Excellent written and verbal communication skills with the ability to effectively communicate with all levels
  • Ability to build and maintain positive working relationships across project and control teams
  • Strong risk management and risk articulation skills
  • Good project management and analytical skills with the ability to manage multiple priorities within targeted time frames
*LI-SG
Singapore Singapore Singapore SG