Information Security Governance Analyst - Vulnerability Threat Management (VP) Citi
Irving, TX

Job Description

* Primary Location: United States,Texas,Irving
* Education: Bachelor's Degree
* Job Function: Risk Management
* Schedule: Full-time
* Shift: Day Job
* Employee Status: Regular
* Travel Time: No
* Job ID: 19019898

Description

Role/Responsibilities:

Information Security Governance Analyst will play a leading role in driving information security analysis and strategy within the Citi Enterprise Infrastructure Operations and Technology (EIO&T IS) team. This position reports to the head of EIO&T Vulnerability Threat Management Strategy & Program Governance. This role is a key business enabler to provide information security vulnerability risk analysis and strategic recommendations for the Vulnerability Threat Management program for the ongoing improvement of vulnerability risk and technical debt within all business areas by effectively building relationships and communicating and educating governance with business stakeholders.

* Develop and manage Vulnerability Threat Management program performance through tracking/reporting of metrics and active engagement with stakeholders for continuous service improvement.
* Provide oversight and governance to engineering and operating processes to reduce vulnerability risk.
* Engage with cross-sector, global and risk teams in the review and reengineering of key controls and processes to effectively and efficiently manage IS issues.
* Educate Vulnerability Threat Management governance and awareness throughout the cross-sector business units.
* Contribute to implementation of security improvements by assessing baseline, evaluating trends, and anticipating requirements to adjust strategy.
* Develop horizontal view of vulnerability risk posture across multiple domains.
* Improve the efficiency of information security processes and advance the effectiveness of the information security controls of the operating model.
* Act as point of contact to executive leadership for dimensioning, managing and driving remediation of information security risk within the context of legacy assets.
* Work with various risk and information security teams in presenting recommendations for improvements to technology subject matter experts and management.
* Conduct issue risk analysis and present recommendations to IS management and stakeholders.
* Additional ad-hoc IS & Risk related initiatives and projects.

About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.

Citi's Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients' and the public's trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.

Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.

Qualifications

* Bachelor's Degree or equivalent work experience required (Master's Degree preferred).
* 5+ years of experience in information security, information technology or business administration management.
* Excellent problem solving abilities and analytical skills. Ability to see the big picture with high attention to critical details.
* Strong work ethic, excellent use of discretion and judgment.
* Results oriented, is able to achieve desired outcomes independently and at appropriate priority levels.
* Well organized with follow-up abilities; has a track record of effectively managing multiple tasks in a dynamic environment.
* Ability to work under pressure, meet challenging deadlines.
* Demonstrated ability to work effectively as part of a team.
* Effective communicator; has excellent writing and verbal skills. Able to adapt communication style as needed to communicate messages with clarity.
* Has the ability to influence others and shape/obtain desired outcome in areas outside of direct control.
* Demonstrated ability to develop and implement process improvement initiatives.
* Strong knowledge of industry standards as they relate to business process improvement or information security management
* Professional Certification(s) required or will be expected to acquire (i.e. CISA, CISM, etc.).
* Knowledge of data analysis, risk assessment methodology, and risk management process.
* Knowledge of business analytics software is a plus.