Job Description
The Information Security Operations Officer is a management role reporting to the Board of Directors with accountability for Cybersecurity function, executive-level privileges and adequate authority with no intersect with other conflicting positions. This role is responsible for leading efforts to safeguard the confidentiality, integrity, and availability of Citi’s information and information assets. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's Cyber and Information Security Policy (CCISP).
Responsibilities:
- Acts as Information Security Subject Matter Expert to senior stakeholders and /or other team members.
- Cyber Issue Management, Monitoring & Regulatory engagement
- Establish working relationships cross-sector and internally with First, Second, and Third Line of Defense.
- Coordinate with First line partners the collection, entry, and maintenance of deliverables to Internal and External Questions/Exams.
- Facilitate the Responses by Key Stakeholders to Internal and External Reviewers for requested meetings and potential concerns raised with a risk focus.
- Communicate to Senior Management on issues identified during Internal and External reviews including missed deadlines, risk impact, and improper design/execution of controls.
- Identify areas of opportunities for process improvements or potential control breaks in the organizations Cybersecurity standards, procedures, and/or controls.
- Execute the Issue Management process, for Issues identified within various Information Security (IS) programs.
- Assist process and control owners in evaluating control deficiencies holistically, including identification of root causes and required corrective action plans.
- Oversee and ensure timely and complete issue remediation within businesses and functions and escalate any delays and / or challenges, as needed.
- Validate remediation activities are documented, completed, and closed- out in accordance with issue management standards.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
- Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
- Has the ability to operate with a limited level of direct supervision.
- Can exercise independence of judgement and autonomy.
- Accommodate and manage regulatory engagements in Jordan and beyond
- Acts as SME to senior stakeholders and /or other team members.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
- Ensure Jordanian cyber regulatory obligations are understood and collaborate with compliance and appropriate CISO teams to ensure recorded.
- Understand controls being implemented to safeguard sensitive data
Qualifications:
- 10 years of relevant experience
- Proficient in interpreting and applying policies, standards and procedures
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills
- Proven analytical skills
- Arabic Language is a plus
- Maintaining at least one active certificate of the Information Security Management international certificates such as CISSP, CISM, CRISC, C-CISO or ISO 27001 Lead implementer.
Education:
- Bachelor’s degree/University degree or equivalent experience as a minimum
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
About Citi
Citi is a preeminent banking partner for institutions with cross-border needs, a global leader in wealth management and a valued personal bank in its home market of the United States. Citi does business in more than 160 countries and jurisdictions, providing corporations, governments, investors, institutions and individuals with a broad range of financial products and services.
Additional information may be found at www.citigroup.com | Twitter: @Citi | YouTube: www.youtube.com/citi | Blog: http://blog.citigroup.com | Facebook: www.facebook.com/citi | LinkedIn: www.linkedin.com/company/citi.
#LI-ZA1
------------------------------------------------------
Job Family Group:
Technology
------------------------------------------------------
Job Family:
Information Security
------------------------------------------------------
Time Type:
Full time
------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting