4 days old

APAC CSC Cluster Information Security Officer

Citigroup
Mumbai
The CSC Information Security Officer oversees the execution of information security requirements, serves as an information security subject-matter expert for the APAC Citi Service Centers (CSC) and act as a Deputy to the APAC CSC IS Cluster Lead. This role will support the CSCs and work closely with Business, Operations & Technology teams, Citi Technology Infrastructure and the overall ISO community to oversee and monitor adherence with Citi IS Policy and Standards, manage risk and provide Business advise on Information Security, Insider Threat, Cross Border Data Flows/Governance and Third Party Risk.


Reports to the APAC CSC IS Cluster Lead


**Key Responsibilities**


+ Support businesses and functions in maintaining the confidentiality, integrity, and availability of Citis information resources and assets.

+ Partner with business and technology stakeholders to ensure Citis people, processes, and technologies comply with Citis IS policies and standards.

+ Assist the businesses and functions with assigning the Citi Information Classification and Data Privacy Indicator to resources in Citi System Inventory (CSI).

+ Facilitate the timely completion of required Information Security Risk Assessments.

+ Oversee the establishment and approval of Information Security Corrective Action Plans (CAPs) and /or Risk Exceptions (REs) prepared by issue owners.

+ Serve as a contact for Citi workers to report suspected or actual breach of confidentiality, integrity, or availability of Citi Information. ISOs document and report Information Security Incidents (SIRT) to Citi's Security Incident Management (SIM) Team.

+ Report key IS risks to business stakeholders, and ensure they are accountable for IS controls, risk mitigation, and remediation activities.

+ Manage IS risk by analyzing the root cause of issues, their impact to technology, and the required corrective actions.


**Key Activities**


+ Advise the business of the appropriate controls for safeguarding sensitive information based on Citis IS classification standards and the IS risks inherent and/or affecting the information assets

+ Drive constructive procedural changes to ensure effective risk-based implementation of IS requirements.

+ Work with the business to manage IS risk by analyzing the root cause of threats, likelihood and impact of issues, and then support the business in implementing the required controls.

+ Document security incidents (SIRTs) and assist security incident response investigators as instructed.

+ Oversee completion of entitlement reviews and support the EERS Review QA process.

+ Ensure remediation of identified non-compliant issues are documented and/or addressed.

+ Review Corrective Action Plans (CAPs) documented by CAP and issue owners for all IS-related gaps and ensure adequate mitigation prior to submitting issues for closure.

+ Generate and present business specific IS metrics and reports.


**Qualifications:**


+ Solid risk management skills including management of third party, data protection and Information Security knowledge

+ Knowledge of key government regulations and local laws

+ Excellent consulting and problem solving skills

+ Able to convey ideas, advice and resolution options to enable business to senior management and staff

+ IT technical knowledge with a business acumen to be able to engage both business and technology teams.

+ Able to work with senior business management to implement IS strategy.

+ Industry certifications: either one of CISA/CISSP/CISM preferred; the successful candidate will be expected to obtain an IS industry certification if not already held

+ Degree: at least a Bachelors degree in either Computer Science/Engineering/Business/Finance; Masters degree a plus

+ At least 6 years of professional information security and / or technology risk management experience


**Other Requirements**


+ Excellent consulting and problem-solving/analytical skills.

+ Advanced presentation skills and program management

+ Good business communication skills

+ Team-player, proactive, assertive, service-oriented and has good people-skills.

+ Proven ability to manage multiple tasks and priorities.

+ Ability to manage tight time frames and communicate effectively with peers and management.

+ Flexibility to adapt to changing demands and priorities.


This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.


-------------------------------------------------


**Job Family Group:**


Operations - Core

-------------------------------------------------


**Job Family:**


Operations Support

------------------------------------------------------


**Time Type:**


Full time

------------------------------------------------------


Citi is an equal opportunity and affirmative action employer.


Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.


Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review **Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm)** .


View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP\_EEO\_Supplement\_Final\_JRF\_QA\_508c.pdf) .


View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo\_aa\_policy.pdf) .


View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp\_%20English\_formattedESQA508c.pdf)
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Categories

Posted: 2022-05-13 Expires: 2022-06-12

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

APAC CSC Cluster Information Security Officer

Citigroup
Mumbai

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast