ICG Technology Information Security Team is responsible for managing risk and providing controls and compliance guidance and support to Technology Development Units by ensuring compliance with Citi IS standards, policies, and procedures, liaising with internal and external auditors. The Information Security Officers will have strong technical acumen and should establish relationships with development teams, domain architects, project managers and other disciplines within the Application Technology units. ISO will be a focal point for ensuring that there is a strong Information Security environment as well as ensuring applications, or systems, deployed in support of a business provide a level of protection appropriate to the class of information managed in those systems.
- Support ICG Asia Sr. Technology Information Security Officer to govern and manage information security operations for ICG Technology business in Asia.
- Lead Asia ICG Technology Information Security team engagement in internal/external audits and regulatory enquiries.
- Manage Third Party Information Security Assessments and Business Process Outsourcing reviews.
- Manage IS related risk remediation efforts in response to audits, regulatory examinations and cyber security assessments.
- Manage all relevant IS metrics, KPIs/KRIs and provide governance, management escalations and path to green plans.
- Implement & monitor corporate IS Policies / Programs in the region for ICG Technology staff.
- Create information security awareness for end users in ICG development and other technology teams.
- Understand and implement controls required to comply with Citigroup policies, legal and regulatory mandates.
- Ensure coverage and oversight of BAU information security operational needs as needed for the ICG Technology.
- Develop a strong understanding of the ICG Technology business as well as other security domains and provide appropriate risk reduction consultation to the ICG Technology.
- Provide oversight to ensure that IS BAU processes are completed in a timely manner.
Job Family Group:
- University Degree and CISA / CISM / CISSP certification(s) is a plus
- 8 + years of solid experience in Information Security, Risk Management, Information, Third Party Assessments or security audit.
- Strong stakeholder management, collaborative and communication skills. Highly dependable team player with ongoing commitment to excellence
- Ability to interface with Senior management from the supported Business Units and present / articulate IS related concerns and improvements
- Strong aptitude, detail oriented, be accountable and ensure the business trust is established.
- In depth knowledge of security operations & processes, ideally across multiple geographies
- Organized, self-motivated and able to work independently with minimal supervision in a fast-paced environment and with tight schedules
- Ability to influence IS team members across various countries in Global and Asia regions.
- Collaborative, can-do attitude, ownership minded, strong analytical and execution capability
- Excellent communication and interface skills.
- Must be highly organized and have strong project management skills.
- Able to operate and articulate effectively in a matrix environment.
Technology Job Family:
Information Security Time Type:
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi
View the " EEO is the Law
" poster. View the EEO is the Law Supplement
View the EEO Policy Statement
View the Pay Transparency Posting