Hispanic Technology Executive Council
Operational Risk, Cyber and Technology Senior Vice President
Hispanic Technology Executive Council, Jacksonville, Florida, United States, 32290
Overview
The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi acts as the firm\'s second set of eyes, driving comprehensive and consistent practices to identify, measure, monitor, report, and manage operational and compliance risks. We promote actions to address root causes of potential losses or regulatory breaches and provide specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we ensure internal controls mitigate technology and cyber risks and align with the risk appetite. The Technology / Cyber Risk Officer is part of the US Personal Banking team within TCCORO, providing second-line operational and compliance risk oversight of US Personal Banking technology. The role leverages technology and/or cyber subject matter expertise, business experience, data analysis techniques, current events, and industry trends to inform risk prioritization and second-line challenge and influence activities. The position works with ORM and Compliance partners and other stakeholders to provide expert guidance in line with risk management frameworks. A successful candidate will have expertise in cyber risk in global financial services, with a comprehensive understanding of the subject matter and its application to related risks. They should have a strong track record in technology and/or cyber risk management and/or a strong technical background with excellent analytical skills, plus excellent communication skills to negotiate internally, often at a senior level. A strong interest and passion for risk management is expected. Responsibilities
Manages internal projects on threat issues supporting a variety of participants and stakeholders, measuring the effectiveness of Citi\'s first line defenses. Establishes and oversees the application of compliance and technology and/or cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and/or cyber risks. Independently assesses technology and/or cyber risks and drives actions to address root causes that persistently lead to operational risk losses by challenging both historical and proposed practices. Leads independent assurance activities to assess areas of concern including substantive and controls testing. Monitors, evaluates, and challenges key risks and associated key risk indicators triggers and thresholds. Leads discussions with KPI owners on breaches and action steps to correct breaches. Identifies potential risks associated with program/project delivery on a technical and detailed level. Leads second line technology and/or cyber assessments including risk assessments, control assessments, and maturity assessments. Assesses technology and/or cyber risks associated with new initiatives and programs being proposed for implementation. Challenges the design, adequacy and strength of the control environment related to technology and cyber risks and recommends actions to align the operational risk profile with the risk appetite. Executes ad-hoc activities for the TCCORO organization, including researching and producing materials for presentations, coordinating deliverables related to audits and examinations, and maintaining data for executive reporting. Assesses risk when business decisions are made, safeguarding Citi\'s reputation, clients, and assets by driving compliance with applicable laws, rules, and regulations, adhering to Policy, and applying sound ethical judgment. Qualifications
10+ years of relevant experience Deep knowledge of products within the coverage area, with the ability to apply in-depth understanding of business impacts of technical contributions Experience in technology and/or cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex organizations In-depth knowledge of technology and/or cyber risks and controls across information system architecture and engineering domains including data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management Subject matter expert in one or more risk management frameworks (e.g., ISO27001, COBIT, TOGAF, CRI) and strong understanding of technology and/or cyber risk mitigation strategies Outstanding communication and influencing skills at all organizational levels and with external partners and vendors; strong relationship management and conflict resolution abilities Ability to communicate complex topics to a broad audience Strong analytical skills with the ability to filter, prioritize, and validate complex material from multiple sources Education
Bachelor\'s degree required; Master\'s degree preferred Relevant certifications (e.g., CISM, CRISC, CISSP, CISA, PMP) a plus Job Family Group:
Risk Management Job Family:
Operational Risk Time Type:
Full time Primary Location:
Jacksonville, Florida, United States Primary Location Full Time Salary Range:
$141,440.00 - $212,160.00 In addition to salary, Citi offerings may include incentive and retention awards. Citi offers benefits including medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi provides paid time off, including vacation, sick leave, and holidays. For additional information, please review Citi benefits information. Availability may vary by jurisdiction, job level, and date of hire. Most Relevant Skills Analytical Thinking, Control Monitoring, Credible Challenge, Governance, Issue Management, Operational Risk, Policy and Regulation, Risk Controls and Monitors, Risk Identification and Assessment. Education Details Equal Opportunity Employer statement: Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law.
#J-18808-Ljbffr
The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi acts as the firm\'s second set of eyes, driving comprehensive and consistent practices to identify, measure, monitor, report, and manage operational and compliance risks. We promote actions to address root causes of potential losses or regulatory breaches and provide specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we ensure internal controls mitigate technology and cyber risks and align with the risk appetite. The Technology / Cyber Risk Officer is part of the US Personal Banking team within TCCORO, providing second-line operational and compliance risk oversight of US Personal Banking technology. The role leverages technology and/or cyber subject matter expertise, business experience, data analysis techniques, current events, and industry trends to inform risk prioritization and second-line challenge and influence activities. The position works with ORM and Compliance partners and other stakeholders to provide expert guidance in line with risk management frameworks. A successful candidate will have expertise in cyber risk in global financial services, with a comprehensive understanding of the subject matter and its application to related risks. They should have a strong track record in technology and/or cyber risk management and/or a strong technical background with excellent analytical skills, plus excellent communication skills to negotiate internally, often at a senior level. A strong interest and passion for risk management is expected. Responsibilities
Manages internal projects on threat issues supporting a variety of participants and stakeholders, measuring the effectiveness of Citi\'s first line defenses. Establishes and oversees the application of compliance and technology and/or cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and/or cyber risks. Independently assesses technology and/or cyber risks and drives actions to address root causes that persistently lead to operational risk losses by challenging both historical and proposed practices. Leads independent assurance activities to assess areas of concern including substantive and controls testing. Monitors, evaluates, and challenges key risks and associated key risk indicators triggers and thresholds. Leads discussions with KPI owners on breaches and action steps to correct breaches. Identifies potential risks associated with program/project delivery on a technical and detailed level. Leads second line technology and/or cyber assessments including risk assessments, control assessments, and maturity assessments. Assesses technology and/or cyber risks associated with new initiatives and programs being proposed for implementation. Challenges the design, adequacy and strength of the control environment related to technology and cyber risks and recommends actions to align the operational risk profile with the risk appetite. Executes ad-hoc activities for the TCCORO organization, including researching and producing materials for presentations, coordinating deliverables related to audits and examinations, and maintaining data for executive reporting. Assesses risk when business decisions are made, safeguarding Citi\'s reputation, clients, and assets by driving compliance with applicable laws, rules, and regulations, adhering to Policy, and applying sound ethical judgment. Qualifications
10+ years of relevant experience Deep knowledge of products within the coverage area, with the ability to apply in-depth understanding of business impacts of technical contributions Experience in technology and/or cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex organizations In-depth knowledge of technology and/or cyber risks and controls across information system architecture and engineering domains including data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management Subject matter expert in one or more risk management frameworks (e.g., ISO27001, COBIT, TOGAF, CRI) and strong understanding of technology and/or cyber risk mitigation strategies Outstanding communication and influencing skills at all organizational levels and with external partners and vendors; strong relationship management and conflict resolution abilities Ability to communicate complex topics to a broad audience Strong analytical skills with the ability to filter, prioritize, and validate complex material from multiple sources Education
Bachelor\'s degree required; Master\'s degree preferred Relevant certifications (e.g., CISM, CRISC, CISSP, CISA, PMP) a plus Job Family Group:
Risk Management Job Family:
Operational Risk Time Type:
Full time Primary Location:
Jacksonville, Florida, United States Primary Location Full Time Salary Range:
$141,440.00 - $212,160.00 In addition to salary, Citi offerings may include incentive and retention awards. Citi offers benefits including medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi provides paid time off, including vacation, sick leave, and holidays. For additional information, please review Citi benefits information. Availability may vary by jurisdiction, job level, and date of hire. Most Relevant Skills Analytical Thinking, Control Monitoring, Credible Challenge, Governance, Issue Management, Operational Risk, Policy and Regulation, Risk Controls and Monitors, Risk Identification and Assessment. Education Details Equal Opportunity Employer statement: Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by law.
#J-18808-Ljbffr