Cybersecurity Control Testing Lead - VP (Hybrid)
Publication date:
24 November 2024Workload:
100%Contract type:
Permanent position- Place of work:Jacksonville
Cyber Security Controls Testing Leader – C13
The Global Functions Control Testing Utility is responsible for the testing of controls that are designed and executed by the Citi’s Global Functions teams such as Finance, HR, Operations, Technology, COO & ESPA as well as the CBNA Legal Vehicle.
This position reports to the Cyber Security Controls Testing Head, within the Global Functions Technology Control Testing Utility; and is an execution-oriented individual contributor position accountable for end-to-end Cyber Security & Information Security controls monitoring – i.e., operational controls performance assurance/testing – which includes design, execution, results reporting, and insight sharing related to the above scope of controls monitoring/testing.
The Cyber Security Controls Testing leader is a subject matter expert on overall controls monitoring, with an excellent level of understanding of control testing and who closely follows latest trends in Cyber Security & Information Security controls testing and adapts them for application within their own job and covered businesses and functions.
Excellent communication skills required to negotiate internally, often at a senior level. Developed communication and diplomacy skills are required to guide, influence and convince others, particularly colleagues in other areas and occasional external customers. Accountable for significant controls testing results and advice regarding the controls execution. Necessitates a degree of responsibility over technical strategy.
Responsibilities:
- Supports the Cyber Security Controls Testing Utility by acting on assessing control design, designing control testing tools, developing control testing procedures, ensure control testing transitions, dispositioning exceptions, and developing insights.
- Carries key responsibility for Control Design Assessment (CDA) by executing CDA checklist/procedures for controls and recording results in Citi Risk & Control (CRC).
- Owns significant portions of control testing design activity, which includes writing control testing tool descriptions, and completing control testing and QUEST setup.
- Develops control testing procedures in Confluence and is responsible for obtaining necessary signoffs from covered businesses and functions.
- Performs a uniquely significant role on training Central Execution team overseas on all designed control testing tools and established control testing procedures.
- Has the ultimate decision on controls testing outlier disputes, holds the responsibility to raise concerns through IMPACT Concerns or QUEST Observation Logs based on the Business.
- Creates materials for Operational Risk Forums (ORF) and senior meetings as needed and investigates causes for results that are deviating from trends and escalate situations that pose excessive risk(s).
- Develops and drives quality-checking routines to ensure compliance with all relevant policies, operating guides, and owned control testing.
- Supports team members on topics ranging from control testing design to performance management and control testing platforms basics.
- Helps drive continuous improvements in accuracy, efficiency, timeliness, and quality of MCA control design assessment and controls testing.
- Maintains relationships and drives accountability with partners and stakeholders to drive control testing's success in support of the business's strategy.
- Appropriately assesses risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
- Support other relevant work efforts of the department where needed and as directed by their manager.
Qualifications:
- 5+ years relevant experience, 3+ years in Risk & Controls roles.
- Subject matter expert on controls design, execution and/or control testing.
- Excellent understanding of MCA (Managers Control Assessment) frameworks and processes.
- Advanced skills in MS Word, MS Excel, MS PowerPoint, and MS SharePoint.
- In-depth experience of Cyber Security & Information Security Controls as well as strong exposure to Risk and Control as well as Controls Design, Monitoring and Testing.
- Effective communication, written and presentation skills.
- Strong people and relationship management skills with the ability to influence others and foster a sense of collaboration.
- Independent thinker and able to perform a credible challenge of businesses/functions.
- Ability to work effectively on virtual teams, including across different geographies and time zones preferred.
- Relevant certification related to Cyber Security & Information Security as well as Risk & Control would be preferred.
Travel Requirement:
- Less than 10%.
Education:
- Bachelor’s/University degree, Master’s degree preferred.
Primary Locations:
- Irving, Tampa, Jacksonville, Florence.
------------------------------------------------------
Job Family Group:
Risk Management------------------------------------------------------
Job Family:
Business Risk & Control------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location:
Jacksonville Florida United States------------------------------------------------------
Primary Location Full Time Salary Range:
$103,920.00 - $155,880.00
In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
------------------------------------------------------
Anticipated Posting Close Date:
Nov 11, 2024------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .
View the " EEO is the Law " poster. View the EEO is the Law Supplement .
View the EEO Policy Statement .
View the Pay Transparency Posting