11 days old

Director, Tech/Cyber Operational Risk

New York, NY 10176
**Job Description**

The Operational Risk Management (ORM) Group at Citi is the firms reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses. The ORM Technology and Cyber office (TCRO) team provides the specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscious of the bank. In line with the ORM framework, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.


Reporting into the Global Head of Enterprise Technology & Cyber Architecture and Engineering Risk within TCRO, the Head of Global Functions Technology/Global Functions/CSS Coverage team will be providing leadership with oversight for Tech/Cyber Risk for Global Functions, Global Functions Technology, and Citi Shared Services organizations.

Ideal candidate will be strategic, proven leader, strong technically, provide thought leadership, having strong industry engagement, and strong relationship builder that can influence and challenge effectively; will have experience with building and maintain teams, providing guidance and mentorship.

The following highlight the coverage area responsibilities for this Director position:

+ Provide leadership to the Second Line influence, advisory and challenge of key programs for the organizations covered including Application/Solutions development, Technology incidents, Infrastructure, production assurance, alignment with business objectives, Cloud, Tech and Cyber Policies and Standards, Data Security, and Software Security

+ Oversight of the establishment and implementation of technology standards, procedures, and frameworks for the coverage domains.

+ Governance and Oversight of business and technology risk while supporting the development of policy and standards; oversight of Key Operational Risks; challenge risk self-assessments and scenario analysis; issue management oversight and escalations

+ Represent TCRO/Second line of defense in various forums including Risk Forums, Safety & Soundness, Risk committees etc.

+ Oversight over multiple Technology programs including but not limited to Software development, Change Management, Architecture, Production assurance, monitoring, execution of enterprise technology standards and procedures amongst others

+ Actively engaged in the industry on latest in Technology Risk, and Emerging Operational Risks.

+ Oversight of planning, and implementation of technology programs including their governance, identification of risks and controls

+ Influence, and challenge as the organization implements the Transformation program for Technology Risk.

+ Oversight of the establishment and implementation of SDLC as prescribed through the CTO office.

+ Oversight of the delivery and performance of technology solutions and shared services that support Global Function areas, including HR, Risk, Finance, Treasury, and Citi Holdings.

+ Implementation of guidance for overseeing Tech/Cyber Operational Risks, aligned with OCC Heightened Standards.

+ Oversight of the delivery and performance of enterprise technology infrastructure solutions, including the standards and governance for safe adoption and leverage of cloud solutions

+ Able to present and lead discussions with key Regulators, internal and external auditors, as well the Risk and Audit sub-committees.

+ Advise on best practices leveraging expertise and industry insights

+ Evaluate the design of controls and help technology and business managers understand the impact of control weaknesses to their service delivery capability.

+ Review and challenge coverage area appropriately consider significant operational risk in their Management Control Assessments (MCAs).

+ Evaluate the extent to which first line is aligned with internal and external control standards, as well as regulatory and audit requirements, including COBIT.

+ Review of the performance of universal key indicators and other metrics in support of the Technology and Cyber Risk Appetite Statements.


The Head of Global Functions Technology/Global Functions/CSS Coverage team will be an acknowledged thought leader in technology and cyber risk management with over 20 years of technology experience in complex IT management, tech/cyber risk, and controls with globally complex, dispersed, and diverse organizations.

The ideal Director will have in-depth, detailed knowledge of technology risks and controls, infrastructure, cloud, and emerging Technology Management, Operations, and Information Security practices in the financial industry especially as it relates to internal control functions (e.g., Finance, HR, Shared services). This individual should have the following experience and skills:

+ Knowledge of full system, software, and security development lifecycle.

+ Experience with the management and oversight of technology infrastructure components such as Network, servers, databases, and data center design and operations.

+ Knowledge of Information Security and Cyber security controls, technologies, operations, and operational response processes.

+ Knowledge of Cloud security and controls, including secure design patterns and governance

+ Experience with reviewing and evaluating Enterprise technology architecture design and solutions to include reviewing the people, process, and technology components.

+ Knowledge of the risks and underlying controls that support the integration, testing and support to business application and services, to include ATMs, Payment Systems, Mobile Applications, and Banking applications.

+ Knowledge of working with internal business functions such as Finance, HR, Software development, Shared services

+ Working familiarity with data warehousing and big data environments.

+ Working familiarity with automated monitoring tools and incident tracking tools to effectively communicate and manage incidents, defects, and data quality issues.

+ Strong analytical and problem-solving skills

+ Experience presenting to Executive Committees and other senior forums

+ Strong leadership, communication, and presentation skills


**Job Family Group:**

Risk Management


**Job Family:**

Operational Risk


**Time Type:**

Full time


Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review **Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm)** .

View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP\_EEO\_Supplement\_Final\_JRF\_QA\_508c.pdf) .

View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo\_aa\_policy.pdf) .

View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp\_%20English\_formattedESQA508c.pdf)


Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.


Posted: 2022-05-13 Expires: 2022-06-12

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Director, Tech/Cyber Operational Risk

New York, NY 10176

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast