12 days old

Third Party Information Security Assessor

Citigroup
Tallapoosa, GA 30176
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management


The EMEA TPISA Utility will cover all countries in EMEA. The objective is to enable EMEA countries to comply with the TPISA Program requirements defined in Citis Information Security Standards (CISS) by performing the Third Part


O&T Risk Managements goal is to create a shared utility to drive more effective Third Party Information Security Assessments in EMEA. The focus will be on established a central team of Information Security experts to assess, report and track IS risk associated with Citis suppliers in EMEA. By establishing a central team, that will implement standardize best-in-class practices, we will improve the quality and value of the IS Assessments.


In line with the foregoing, we intend to create the EMEA TPISA Utility as a separate department/unit in Hungary reporting into OTRM - Core IS Services and Utilities The EMEA TPISA Utility will cover all countries in EMEA.


**Responsibilities:**


+ Provide Subject Matter Expertise (SME) to TPISA process stakeholders.

+ Coordinate with Business Information Security Officers (BISO) and Relationship Managers (RM), to initiate, plan and complete Third Party Information Security Assessments.

+ Work closely with BISO's and RM's to perform assessments via on-site or remote reviews for new and existing vendors ensuring compliance with Citi Information Security Standards.

+ As needed, perform physical security control on-site assessments at EMEA supplier locations.

+ Determine the appropriate levels of controls to safeguard sensitive data and validate those controls are being implemented at third party vendor sites.

+ Provide a full write-up of the assessments that includes the results and identifies any Information Security Gaps to be addressed by the third party vendor.

+ Work with BISOs and RMs to follow up on all issues identified via on-site reviews utilizing appropriate tracking systems.

+ Maintain records regarding all onsite reviews and remediation of identified issues within the approved tools/systems.


**Qualifications:**


+ At least 5-6 years of experience in an Information Security related role.

+ Experience in provide IS security guidance to business customers and peers.

+ Experience with interpretation and application of IS Policy and Standards.

+ Familiarity of business, regulatory and compliance requirements.

+ Fluent English and additional languages _will be considered a plus_ during the selection.

+ Strong written skills are required in the documentation of IS Gaps/IS Risk.

+ Strong risk analysis and problem-solving skills .

+ Should have at least one of the following Certifications: CISSP, CISA, or CISM.

+ Bachelors degree/University degree or equivalent experience. Masters degree preferred.

+ Additional technical certifications that are a plus - Security+, MCSE, CEH, CCNA, CRIS.


**Benefits:**


+ Long-term career path across geographies and business lines.

+ Friendly work atmosphere.

+ Competitive compensation package.

+ Flexible work arrangements.

+ Paid Parental Leave Program: At Citi, we aim to support families through all life stages, and do our best to help our colleagues manage work and family life, we provide additional support to our employees (maternity leave and paternity leave) on top of the local legal requirements.

+ We offer recognition of your efforts through our compensation package with added benefits:

+ Private Medical Care Program and onsite medical rooms in our buildings

+ Pension Plan Contribution to Voluntary Pension Fund

+ Group Life Insurance


-------------------------------------------------


**Job Family Group:**


Technology

-------------------------------------------------


**Job Family:**


Information Security

------------------------------------------------------


**Time Type:**


Full time

------------------------------------------------------


Citi is an equal opportunity and affirmative action employer.


Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.


Citigroup Inc. and its subsidiaries ("Citi) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review **Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm)** .


View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCP\_EEO\_Supplement\_Final\_JRF\_QA\_508c.pdf) .


View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeo\_aa\_policy.pdf) .


View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp\_%20English\_formattedESQA508c.pdf)
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Categories

Posted: 2022-05-13 Expires: 2022-06-12

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Third Party Information Security Assessor

Citigroup
Tallapoosa, GA 30176

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast