Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
About Citi:
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
Job Description:
The Info Sec Prof Senior Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. The Suspicious Activity Management (SAM) is a regulatory Governance program which Identifies Critical Internet Facing Applications within CITI and make sure they are compliant within the Citi’s requirements and regulatory standards for monitoring and detecting suspicious activities. The SAM Analyst will rely on knowledge of Citi's SAM (Suspicious Activity Management) program to manage the assessment process and implementation of security Solutions for in-scope applications that require detective (category 1) and preventative (category 2) monitoring of online customer sessions at the application layer.
Responsibilities:
Identify potential information security (IS) risks and make recommendations for enhancement
Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
Ensure that controls are utilized daily and that non-compliance remediation is addressed
Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
Has the ability to operate with a limited level of direct supervision.
Can exercise independence of judgement and autonomy.
Acts as SME to senior stakeholders and /or other team members.
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Drive application security assessments by analyzing the current application architecture to determine the nature of risk and requirements (exhaustive list of events and data elements) for onboarding on to SAM monitoring tools
Based on the SAM assessment advise the application team on the controls necessary to achieve SAM compliance and help build a plan for the same;
Qualifications:
3-5 years of relevant experience
Applicable Certifications (Security+, CISM, CRISC, CISSP) or willingness to earn within 12 months of joining
Consistently demonstrates clear and concise written and verbal communication
Proven influencing and relationship management skills
Proven analytical skills
Education:
Bachelor’s degree/University degree or equivalent experience
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.
The Suspicious Activity Management (SAM) is a regulatory Governance program which Identifies Critical Internet Facing Applications within CITI and make sure they are compliant within the Citi’s requirements and regulatory standards for monitoring and detecting suspicious activities. The SAM Analyst will rely on knowledge of Citi's SAM (Suspicious Activity Management) program to manage the assessment process and implementation of security Solutions for in-scope applications that require detective (category 1) and preventative (category 2) monitoring of online customer sessions at the application layer.
The ideal candidate will be an experienced individual who is technically knowledgeable and proficient in Information Security Concepts , application/network & internet technology, with solid coordination, management and follow-up skills.
As a SAM Analyst you will
Based upon FFIEC (Federal financial Institutions Examination Council) guidelines, develop and manage detective and preventative monitoring solution for online customer sessions, at the application layer, where there is either exposure of Confidential PII online and/or the existence of Payments and Transfer to non-linked accounts
Drive application security assessments by analyzing the current application architecture to determine the nature of risk and requirements (exhaustive list of events and data elements) for onboarding on to SAM monitoring tools
Based on the SAM assessment advise the application team on the controls necessary to achieve SAM compliance and help build a plan for the same;
As SME provide inputs for resolution of pending technical issues during SAM assessment and onboarding of in-scope applications on to monitoring tools for both Category 1 and 2;
Coordinate with Splunk onboarding team or CSAP (Citi Secure Authentication Platform) Operations team where data or applications need to be clarified or reviewed for additional clarification or updated status;
Extensive use of the SAM Tracker in Archer to archive status of compliance, actions, deliverables and to manage the queue for follow-up tasks;
Prepare slides for the weekly SAM(Suspicious Activity Management) Committee reviews as well as for other management, audit or regulatory reviews;
Prepare metrics and GISMR report to the senior management;
Provide businesses with full description of the SAM Program in as much detail as is necessary, when needed.
Ideal background
Bachelor’s or Master’s degree in Computer Science/Technology or related field, or
3-5 years of experience in IT Risk Management/Information Security specifically performing IT Risk Assessment for web applications/infrastructure;
3-5 years of experience in IT program management;
Thorough understanding of web application design and architecture as well as application and network level nomenclature and models, including Mobile technology channels, API’s, SDK’s, middleware, authentication protocols and more;
Thorough understanding of Software Development Lifecycle (SDLC) including Agile Methodology and Cloud sourcing;
Strong MS Excel and PowerPoint skills;
Experience in the use and knowledge of Archer is a bonus;
Financial services experience is strongly preferred; including familiarity with FFIEC guidelines (Authentication in an Internet Banking Environment);
A confident, dynamic individual capable of defining, building and matrix managing a global program across technology and business organizations in a constantly evolving global enterprise.
------------------------------------------------------
Job Family Group:
Technology------------------------------------------------------
Job Family:
Information Security------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting