TotalCyber.io
Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
SVP, Tech & Cyber Risk - Regulatory & Governance Management Officer – C14 (Hybrid)
CitiNew York New York United States
Hybrid
Full-time
Individuals in Operational Risk establish and manage operational risk policies, propose strategies, and governance processes designed to minimize losses from inadequate controls, fraud, and potential bankruptcy. This includes supervision over technology operational risk, cyber risk, and fraud risk. These individuals are also responsible for the development of tools and infrastructure that support fraud monitoring and prevention, using advanced analytical and statistical skills to identify policy gaps and recommend changes to current policies. This role is crucial to the company as it fortifies against potential operational risks, thereby protecting the company's financial stability and reputation, and contributing towards the overall business resilience and success.
Responsibilities:
- Oversee the application of technology and/or cyber risk policies, tools, technology and governance processes, creating sustainable solutions for minimizing losses resulting from failed internal processes, inadequate controls, and emerging risks.
- Monitor business adherence to Citi’s technology and/or cyber risk policies, standards and procedures.
- Design and oversee the implementation of robust control measures to mitigate identified technology and/or cyber risks.
- Review and challenge the effectiveness of risk mitigation strategies, tools and methodologies used for threat intelligence and threat analysis implemented by the 1st line of defense.
- Build and maintain effective relationships with Business partners, establishing credibility by understanding the business, their needs, strategic priorities, and challenges.
- Provide strategic technology and/or cyber risk advisory and support to the business and other stakeholders. Guide them in making informed decisions that consider the potential impacts and risks of technology and/or cyber threats.
- Partner with key stakeholders to drive technology and/or cyber risk management strategy in alignment with organizational objectives and risk appetite.
- Foster a culture of technology and/or cyber risk awareness and accountability in the organization, ensuring that employees understand their roles and responsibilities in mitigating risk exposure.
- Partner with Sr. management on the reporting and presentation of technology and/or cyber risk incidents, trends, and key developments to the board, regulators, and other key stakeholders, as applicable.
- Support internal and external audits and regulatory examinations, as applicable.
- Report and escalate significant risk issues and breaches to executive management.
- Is an enthusiastic and early adopter of change; takes ownership for helping others see a better future and stay positive during uncertainty.
- Demonstrates and inspires curiosity in seeking new ways to overcome challenges; actively applies learning from failures.
- Challenges self and others to seek out and communicate alternative views even when unpopular; welcomes diverse ideas to improve outcomes.
- Acts as a catalyst for change by identifying and helping others see where new ideas could benefit the organization.
- Proactively seeks to understand and act in alignment with organizational decisions; helps others prioritize team and enterprise success over their own personal agenda.
- Focuses on highest-priority work aligned to business goals; helps others effectively manage competing priorities.
- Proactively identifies opportunities to streamline work; creates process improvements that enhance efficiency for self and the team.
- Takes personal accountability for escalating, identifying, and managing potential risk; implements controls that enhance the client experience and operational effectiveness.
- Anticipates problems and proactively identifies solutions that address the root causes and result in meaningful improvements.
- Sets high expectations and invests the necessary effort to deliver excellence and exceed performance goals.
- Role-models and helps others to do the right thing for clients and Citi in all situations, even when difficult.
- Engages key stakeholders early and often and actively looks for opportunities to improve collaboration in achieving common goals.
- Proactively seeks out opportunities to volunteer in Citi programs that support the community; advocates for solutions that meet the needs of Citi’s clients and the community.
- Enthusiastically promotes the unique needs and preferences of colleagues; makes active commitment to help colleagues achieve balance, well-being, and development.
- Leverages varied networks to recruit diverse talent; advocates for colleagues with diverse skillsets, styles, and experiences to gain career opportunities.
- Empathetically listens and understands others’ positions before acting on issues; works to amplify voices that are minimized in the workplace.
Qualifications:
- Deep understanding of various technology risk and/or cyber principles, strategies, and technologies, including proficiency in areas such as data protection, network security, threat analysis, identity and access management, incident response, and security architecture.
- Proficiency in operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices.
- Demonstrated leadership in coordinating with business units and senior management to address technology risk and/or cyber risk issues and implement solutions.
- Experience handling security incidents, including detection, response, mitigation, and post-incident analysis is crucial.
- Demonstrated track record of effectively assessing and managing competing priorities.
- Experience interacting with Regulators and Internal Audit.
- Previous experience collaborating on complex firm-wide projects or processes.
- Experience working in a regulated industry (e.g., banking, finance, insurance, healthcare).
- Professional certifications in either technology risk or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI.
- Effective leadership ability to credibly challenge and influence stakeholders.
- Comfortable in dynamic environments, capable of adapting to change while maintaining focus on risk management objectives.
- Ability to think strategically and align technology and/or cyber risk and broader operational risk management with organizational goals and regulatory obligations.
- Excellent communication skills, with the ability to interact effectively at all levels, develop strong partnerships across the organization, and present complex information clearly to senior management and stakeholders.
- Compelling leadership qualities with ability to credibly challenge the 1st line and influence stakeholders.
- Effective stakeholder management skills, with the ability to understand drivers and overcome barriers.
- Dynamic negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
- Robust analytical problem-solving abilities and a high level of integrity to deal with highly confidential data.
Education:
Bachelor's/University degree, Master's degree preferred
Job Description
The mission of the Technology and Cyber Compliance and Operational Risk Office (TCCORO) is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides subject matter expertise to challenge Enterprise, Infrastructure, and Technology entities across the firm. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.
The Tech & Cyber Risk - Regulatory & Governance Management Officer is part of the Risk Analytics and Regulatory Reporting team which serves as TCCORO’s program management and reporting function, deploying in-depth analysis, business process re-engineering, and problem solving to support executive planning, execution, and decision making. The Tech & Cyber Risk - Regulatory & Governance Management Officer will be responsible for developing, coordinating, and finalizing all TCCORO governance reporting deliverables. In addition, this role will assist with Regulatory inquiries and associated activities across the organization. A successful candidate will have experience in global financial services and proven expertise in presentation design, regulatory engagements, executive messaging, governance reporting, and project management. The ideal candidate will have proven experience crafting messages for executives focusing on critical risks and success factors in a way that resonates with senior leadership.
Responsibilities:
- Leads Governance Reporting related responsibilities from receipt of request to final delivery, including tracking, planning, coordinating, drafting, and distributing all related deliverables to meet expected target dates for applicable risk and control forums.
- Serves as TCCORO’s Governance Delegate to liaise between internal executive management and other risk functions.
- Prepares communications and reports, and develops associated presentations for senior management, stakeholders, and regulatory engagements.
- Contributes to the design, roll-out and governance of various reporting solutions.
- Supports the ongoing program management of governance activities across the TCCORO organization (i.e., tracking of deliverables for all committees, forums, working groups, regulatory inquiries, etc.)
- Identifies opportunities to enhance and contribute to the implementation of common processes and integrated technology platforms.
- Presents findings and analysis in a polished manner that is easily understood by internal and external business professionals at all levels.
- Executes ad-hoc activities for the TCCORO organization, including but not limited to drafting materials for presentations to senior leadership, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Qualifications:
- Proven experience in the Regulatory Interaction space (i.e., Exam coordination, Meeting materials, Follow Up Requests, Ongoing Supervision, ad hoc requests, etc.)
- 10+ years of relevant experience in Banking, Finance, or related consulting with a focus on governance, communications, and regulatory engagement responsibilities.
- A penchant for story telling using data and visualizations to socialize findings and insights to key executives and stakeholders.
- Strong written and verbal communications skills including the ability to track deliverables and articulate complex problems and solutions through concise and clear messaging; developed communication and diplomacy skills are required to guide, influence, and potentially convince others, in particular colleagues in other areas and occasional stakeholders (i.e., Internal Audit, Citi’s Regulatory Agencies, etc.).
- Ability to effectively prioritize complex projects and the skills to adapt quickly to new challenges and concepts, capable of navigating ambiguity and problem-solving issues in a heavily matrixed corporate environment.
- Highly organized and motivated self-starter with strong attention to detail and a teamwork-oriented approach
- Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization within and across project teams, functions and business units under tight timelines.
- Proficiency in MS Office applications (advanced expertise in Excel, PowerPoint, SharePoint, Teams a plus).
Education:
- Degree in finance, accounting, analytics, operations research, statistics, mathematics, or related data science or finance / economics with relevant work experience. Master’s degree preferred.
- Relevant certifications a plus.
------------------------------------------------------
Job Family Group:
Risk Management------------------------------------------------------
Job Family:
Operational Risk------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location:
New York New York United States------------------------------------------------------
Primary Location Full Time Salary Range:
$176,720.00 - $265,080.00
In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
------------------------------------------------------
Anticipated Posting Close Date:
Apr 22, 2025------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting
SVP, Tech & Cyber Risk - Regulatory & Governance Management Officer – C14 (Hybrid)
Location
New York New York United States
Workplace
Hybrid
Type
Full-time