25886920 Cyber Security Operations

Roles & Responsibilities

The Cyber Security Operations (CSO) - Asia Cluster Governance Lead will be responsible for partnering with the Global Cyber Security Operations (CSO) Governance Lead (NY based) to help drive the mission of the CSO Governance Team within Asia. The governance function will be responsible for informing the decision making of strategic investments and operational scope through fusing governance data with operational data to ensure risk-based decision making and outcomes. This organization will also act as the liaison for the CSO organization with other internal risk functions, and external risk related activity.

The person in this role will interface and help to support interactions with Citi seniors, regulators, and supervisory groups on topics of cybersecurity and third-party risk.

This individual will be responsible for helping to manage the overall approach for regulatory and audit interactions within the Asia Cluster and help to ensure consistency across engagements. They will be responsible for maintaining an aggregate view of status across all activity and helping to measure, monitor, and report our risks to Global Leadership on a regular basis. This individual will help to provide QA and review of regulatory/audit response as they are prepared by the CSO Service Management Team and will help to ensure that we are adhering to the Firm's Information Sharing guidelines.

Key responsibilities include:

• Governance Framework Development: Partner with the CSO Governance Lead and other CSO Asia Leads across the SOC and Cyber Security Fusion Center (CSFC) Lead to design and implement a CSO/CSFC governance framework, including associated metrics, key risk indicators, and stakeholder engagements with supervisory teams. Design and implement a governance data model to inform strategic and risk-based decision-making.
• Operational Governance Program: Run the day-to-day operational governance program to measure, monitor, and report on cyber operational risk. Establish a regionally focused view of metrics, monitoring, and reporting, ensuring compliance with all APAC-specific reporting requirements (internal and external).
• Stakeholder Management & Collaboration: Build strong partnerships with internal teams and external organizations related to cyber operations governance. Engage regularly with audit, compliance, and regulatory bodies globally. Oversee and ensure that all regulatory and audit responses are prepared in accordance with the firm's information sharing guidelines.
• Continuous Improvement & Optimization: Drive continuous improvement of organizational processes and the operating model. Identify areas for automation and optimization, championing projects to enable these improvements. Ensure that analysis, reporting, and metrics contribute to prioritizing the most critical risks and threats.
• Performance & Time Management: Effectively manage multiple detail-oriented tasks under tight deadlines.

Qualifications:

• A minimum of 10 years' experience forming cyber analytical and/or operational teamsAnd any of the below:
• 5+ years experience in Audit or Operational risk management
• 5+ years experience with Intelligence Fusion
• 5+ years experience leading analysis teams

Education:

• Bachelor's degree in Computer Science, Information Assurance, Computer Security, or equivalent
• Master Degree in a related field is highly desired, or equivalent years of experience

How You'll Succeed

Be conscientious and consistent in identifying security vulnerabilities and working with the respective engineering teams and stakeholders to provide sound guidance and remediations. Be a team player, and a keen learner.

Working at Citi is far more than just a job. A career with us means joining a family of more than 230,000 dedicated people from around the globe. At Citi, you'll have the opportunity to grow your career, give back to your community and make a real impact.

Take the next step in your career, apply for this role at Citi today

https://jobs.citi.com/dei

Tell employers what skills you have

Leadership
Security Operations
Service Management
Cyber Security
Investments
Information Assurance
Audit Compliance
Operational Risk Management
Compliance
Time Management
Operational Risk
Team Player
Decision Making
Stakeholder Management
Audit
Computer Security

---