Citi ISO Group Manager (GISO) – Citi Shared Services (CSS) – SVP in Tampa, Florida
Primary Location: United States,Florida,Tampa
Education: Bachelor's Degree
Job Function: Risk Management
Shift: Day Job
Employee Status: Regular
Travel Time: No
Job ID: 18032657
This is a Subject Matter Expert/Manager role as a dedicated Information Security professional in the Global Information Security (GIS) organization supporting the Citi Shared Services organization consisting of HR Shared Services, Global ID Administration, Finance & Risk Operations, and General Service / Global Travel.
The GISO works to ensure Citi's information is protected by effectively applying the Confidentiality, Integrity and Availability framework as required by Citi IS policy and standards as well as by local regulation. The GISO will partner directly with the business and technology leadership to ensure information security risks are identified, assessed, mitigated and controlled through the deployment of a sustainable information security risk management program. The GISO is accountable for all IS activities that are relevant and applicable to Citi Shared Services organization.
This individual will support the complete spectrum of business level IS programs including, but not limited to; security incident management, Information Security Risk Assessment (ISRA), risk exception and corrective action management, identity and access management (IAM), training and awareness, third party IS assessment (TPISA). The GISO is a true risk manager and is expected to proactively prioritize their own work using a risk based approach. This requires flexibility and adaptability to changing priorities.
The successful candidate is expected to interact effectively with business staff and senior management, other ISO's, the Group Information Security Officers, regional and global program teams, internal audit, clients and regulators.
Leads meetings in fast paced environment communicating complex security topics effectively at all levels of the organization.
Confirms through coordinated testing efforts that applications deployed in support of a business appropriately protect the confidentiality, integrity, and availability of business information and stored and processed by them.
Educates and advises the business and technical leaders regarding development, delivery, and management of security solutions.
Interacts with and collaborates on all matters impacting Information Security with multiple levels of management.
Participates in the planning and implementation of Information Security administration for IT projects and initiatives.
Defines and implements and applies area-wide security policies and standards by leveraging knowledge of globally accepted information security principles.
Participates in the evaluation and selection of applications, systems and vendors with specific focus on Information Security implications.
Provides timely and regular Information Security risk management reports highlighting key issues and correction action plans; monitors implementation of approved plans.
Provides security oversight for major system designs by reviewing system security capabilities, recommending improvements and approving plans as part of the system development lifecycle.
Possesses a comprehensive understanding of how own area and others (i.e., business process, architecture or infrastructure) collectively integrate to contribute towards achieving business objectives. Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication may be necessary.
Accountable for the end results of area of responsibilities.
Exercises control over resources, policy formulation and planning. Involved in short- to medium-term planning of actions and resources for own area.
Full management responsibility of a team of Information Security professionals, including management of people, budget and/or planning.
Partners with GISOs and Global IS Program Managers to improve processes and reduce risk for the organization.
Ensures that the ISO consulting services are performed to meet the needs of businesses across the Sector or Region.
About Citi :
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi’s Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.
Bachelor's Degree or equivalent work experience
8+ years of solid experience in either IT analysis/design, program/project management, information security or control and compliance
IS Certification: Required (CISSP, CISM, or CISA) – Technology certifications may also equate to the same standards
Strong collaborative and communication skills; highly dependable team player with ongoing commitment to excellence
Organized, self-motivated and able to work independently with minimal supervision in a fast-paced environment and with tight schedules
Demonstrated strength in people management and team building
Strong execution capability
Excellent communication and interface skills
Ability to operate in diverse environments and cultures
In-depth knowledge of operations and processes, ideally across multiple geographies
Must be highly organized and have strong project management skills
Able to operate and articulate effectively in a matrix environment and at multiple levels of management
Interested enthusiastic candidates that may not meet exact requirements are still encouraged to apply.