The Information Security Operations (ISO) Lead Analyst is a senior level professional responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
What you will do:
- Work directly with business, functions and technology units and relevant stakeholders to facilitate/ perform Citi’s Information Security (IS) risk assessment and risk management processes in order to protect information assets.
- Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of security controls and corrective actions to mitigate or remediate risks.
- Manage security incidents and events to protect corporate Information Technology (IT) assets, including intellectual property, regulated data and the company's reputation.
- Provide oversight of Information Security Assessments across applications, infrastructure and business process. Ensure non-compliant items are resolved through coordination with Business Manager and business staff.
- Ensure IS Risk assessments (ISRA) is conducted for Projects, Applications, and Third-Party service arrangements in accordance with Citi Standards by partnering with Technology and the Business and determines the impact of control deficiencies.
- ISO will work closely with Cyber Defense, Cyber Architecture team and Third-Party Information Security Assessors to ensure risk assessments are completed.
- Review and ensure deployment of IS solutions e.g. data encryption tools based on business requirements. Support business in compliance with data protection program by reviewing and assisting in requirements on secure email, secure file transfer, portable media and DLP monitoring.
- Educate, advise and conduct awareness training for the business on safe IS practices and current, changing, and/or recommended IS requirements.
What we will need from you:
- Minimum of 4 years of Information Security experience, plus 4 years in a related technology discipline (i.e. Cloud, Virtualization, Network Security, LDAP / Exchange, Authentication, Windows / Unix / Linux Administration).
- A solid understanding of SaaS Cloud Security and Architecture, Network Security, Virtualization Technologies, IP Protocols.
- Proven ability to interpret Information Security policies, standards & practices, and apply those IS principles to real-world business objectives.
- Broad IT/IS knowledge base (PKI / Encryption, Authentication, Active Directory, Web Proxies, Email Systems, Network Security, Windows / Unix / Linux Operating Systems).
- Working knowledge of infrastructure security certifications and application security technologies including but not limited to API’s, SOA gateways, REST, JSON, HTTPS/HSTS, TLS, SAML, Qauth.
- Leadership skills and ability to work with and influence senior managers, technology peers, business contacts.
- Strong risk analysis, problem-solving, and written communication skills.
- Familiarity with industry Information Security standards / frameworks (i.e. NIST, COBIT, ISO 27001) and Data Privacy regulations (HIPAA, GDPR).
- Demonstrate a commitment to Continual Process Improvement.
- Ability to effectively prioritize tasks and responsibilities to meet business objectives within prescribed timelines.
- Ability to work effectively, and drive results with minimal direct supervision.
- CISSP, CCSP, CISM, CISA, or equivalent certifications preferred.
- Bachelor’s degree/University degree or equivalent experience/Master’s degree preferred.
- Related business experience in procurement, third party sourcing, operations, project management, resiliency, application development will help to understand the business objectives and associated risks.
What we can offer you:
By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:
- Cafeteria Program
- Home Office Allowance (for colleagues working in hybrid work models)
- Paid Parental Leave Program (maternity and paternity leave)
- Private Medical Care Program and onsite medical rooms at our offices
- Pension Plan Contribution to voluntary pension fund
- Group Life Insurance
- Employee Assistance Program
- Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
- Flexible work arrangements to support you in managing work - life balance
- Career progression opportunities across geographies and business lines
- Socially active employee communities with diverse networking opportunities
Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day. We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive.
Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.
------------------------------------------------------
Job Family Group:
Technology
------------------------------------------------------
Job Family:
Information Security
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting