Information Security Technical Lead Analyst

The Information Security Technical Lead Analyst is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. Applications used overall in Citi businesses must be reviewed from information security point of view. This position is for those applications where Citi or client data handled outside of the Citi managed area. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy. Following CART (Cloud Architecture Review team) procedures are key to be successful.

Responsibilities:

• Identify opportunities to automate and standardize CART security controls and for the supported groups
• Resolve any issues detected in CART security assessment of an application
• Analyze applications' data to be able to identify its category for security reviews and provide support for application owners to be able to pass review process
• Oversee an organization's cloud workload from security assessment
• Reduce risks by analyzing the root cause of issues, their impact, and required corrective actions
• Direct the development and delivery of secure solutions by coordinating with business and technical contacts to build up new CART processes or to improve them
• Drive quality in governance reporting to senior leadership.
• Track and trace all necessary materials for the CART security assessments
• Be a partner for Citi Internal Teams looking to introduce new capabilities within their business
• Assist with regulatory requests
• Directs the communication of status, issue, and risk disposition to all stakeholders, including Senior Management, on a timely basis in your own CART Projects
• Collaborate with senior Citi management across business and functional lines as each introduce new capabilities, to keep SaaS activity within our risk tolerance.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

• 5+ years of relevant experience in Project Management with information security, cyber security
• Knowledge of 3rd party supplier controls and risk assessment for applications is preferred
• Experience with technical documentation, API specifications, architectural diagrams etc.
• Experience in the design and implementation of Compliance programs and projects.
• Demonstrated ability to assess complex issues through root cause analysis and other analytical techniques; structure potential solutions; drive to resolution with senior stakeholders.
• Ability to handle conflicting priorities while delivering on multiple concurrent activities with short-term deadlines and changing priorities.
• Consistently demonstrates clear and concise written and verbal communication
• Proven influencing and relationship management skills, strong track record of interacting and working with Senior Leaders

Technical skills

• Expert in SharePoint workflow tool
• Expert in MS Office tools
• Able to read, understand network diagrams, business process flows
• Cloud skills, Basic cyber security knowledge, experience is expected (ISC2 Certifications are preferred: CCSP, CISM, CISSP, CRISC,...)
• Any proven project management experiences, (PMP certification is preferred, but not required when significant experience can be proved)

Education:

• Bachelor's Degree in Computer Science, Engineering (equivalent experience will also be considered)
• Master's degree preferred

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Job Family Group:

Technology

Job Family:

Information Security

Time Type:

Full time

Most Relevant Skills

Please see the requirements listed above.

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi's EEO Policy Statement and the Know Your Rights poster.

---