The CSIS Controls & Transformation program is in need to incorporate an Information Risk Manager to properly support all CSIS functional teams at a global level through leadership, consultancy, and program oversight ensuring corporate policies adoption and strong compliance levels, while achieving consistency and robust risk and control practices. CSIS owns technology infrastructure that needs to be constantly assessed from the information risk management perspective.

Job Summary

Citi Security and Investigative Services (CSIS) is a full-service security and investigative team that protects the assets, integrity, and reputation of Citi and its clients by providing best-in-class investigative products and services to clients across the company globally. We accomplish this by offering in-house professional security services and independent investigations to clients across all of Citi's businesses and geographies, partnering with other Citi business groups, law enforcement agencies, governments, and others to protect our employees, businesses, clients, and information.

Within CSIS, the Operations unit provides support to all functional CSIS areas (Security, Crisis Management, Executive Protection, Investigations, and Intelligence) while providing senior leadership and business partners with consistent methodologies, internal consultancy, risk management and innovation to sustain corporate program governance through Operations & Business Execution, Controls & Transformation, Business Analytics, Project Management & Technology, and the Chief of Staff office.

The CSIS Global Head of Information Risk Management is accountable for providing the CSIS organization with leadership, consultancy, and program oversight to deliver a standard and consistent approach to business operations across all units and geographies, ensuring a robust risk and control infrastructure while delivering effective and efficient services to our functional areas and business partners.

The CSIS Global Head of Information Risk management reports directly to the CSIS Global Head of Controls and Transformation and responsibilities include managing a multi-disciplinary organization of programs and engages with other senior managers across Citi (Information Security, Records Management, Data Privacy, Continuity of Business, CTI, Legal, Operational Risk Management and other global functions professionals). Engagement requires involvement to ensure proper corporate programs execution and compliance levels. As part of this role, it is required to develop medium to long-term plans and execute functional strategies for a large/complex country, cluster of countries, or business requiring coordination and integration across units. The position requires a broad and comprehensive understanding of the different policies, systems, theories, and practices relevant to the Information Risk Management programs. The position requires a thorough understanding of the strategic direction of Citi and CSIS to collaborate with senior leaders to contribute and supply insights that enhance the business strategy. This position also requires a thorough understanding of industry knowledge, trends and best practices that can be applied to the function and programs.

Responsibilities:

• Manages the CSIS Information Risk Management team.

• Provides management and guidance on the identification, assessment, management, and mitigation of current and emerging (inherent and residual) risk exposures associated with CSIS Information Risk Management activities and operations.

• Drives compliance with applicable Information Risk Management laws, rules, and regulations, adhering to Policy, applying sound ethical judgment, conducting business practices, escalating, managing remediation and reporting control issues with transparency.

• Consults with corporate partners such as the Chief Information Security Office (CSIS GISO, BISO), Records Management Office, Data Privacy Office, Continuity of Business Office, Operational Risk Management Office, CSIS Data Governance Officer, to ensure proper adoption of policy mandates and compliance levels.

• Partners with CSIS functional programs management representatives to set the risk appetite for CSIS while promoting an initiative- risk management culture.

• Provides support and consultancy to all CSIS programs employees on any matters within the information risk management scope.

• Creates methodologies, procedures, and governance of the overall CSIS Information Risk Management programs to properly guide our employees on the implementation of the associated policies.

• Designs and implement Information Risk Management indicators related to Key Operative Risks (KOR), Key Risk Indicators (KRIs) in alignment with Citi’s top risks taxonomies and appetite.

Qualifications:

• 10+ years of experience

• Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication may be necessary.

• Full management responsibility of a team or multiple teams, including management of people, budget and planning, to include performance evaluation, compensation, hiring, disciplinary actions and terminations and budget approval.

• Demonstrated ability to apply knowledge of regulatory/compliance risk and other applicable US and international regulations, particularly as they relate to Information Risk Management.

• Demonstrated strong understanding of cybersecurity risk, mitigation, and solutions to resolve threats using industry leading technical controls and tools.

• Demonstrated a strong understanding of technologies, their purpose, security requirements and data protection needs.

• Strong Project Management and organizational skills.

• Proven ability to work in high-pressure, challenging environment with a strong sense of urgency.

Education:

• Bachelor's/University degree, Master's degree preferred.

• CISSP, CISM, CRISC, CISA preferred.

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Job Family Group:

Risk Management

Job Family:

Business Risk & Control

Time Type:

Full time

Primary Location:

Tampa Florida United States

Primary Location Full Time Salary Range:

$130,880.00 - $196,320.00

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

Anticipated Posting Close Date:

May 17, 2024

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .

View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo_aa_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf)

Citi is an equal opportunity and affirmative action employer.

Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.