Technology Risk

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our **Enterprise Operations & Technology** teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do. We keep the bank safe and provide the technical tools our workers need to be successful. We design our digital architecture and ensure our platforms provide a first-class customer experience. Our operations teams manage risk, resources, and program management. We focus on enterprise resiliency and business continuity. We develop, coordinate, and execute strategic operational plans. Essentially, Enterprise Operations & Technology re-engineers client and partner processes to deliver excellence through secure, reliable, and controlled services.

**Citi Technology Infrastructure** provides the critical technical foundation for Citi’s operations and is responsible for delivering IT solutions, scalable infrastructure services, and secure capabilities while creating a trusted customer experience and enabling Citi’s workforce to be the best for our clients. Making the bank simpler, greener, and better connected while powering it with trusted, well-secured platforms and data, and automating policy enforcement through code are all at the heart of our refreshed global strategy. Data Quality, Simplification, Environmental Stability, Automation, and Service Excellence are the key pillars and priorities on our strategic journey.

CTI AP Risk Management and Governance (RMG) is responsible for performing independent risk identification and assessments, managing emerging and operational risks, with the aim of strengthening the controls across CTI proceses in Asia Pacific region. Primary functions under CTI Risk Management and Governance include Manager’s Control Assessment (MCA), Issue Management, Audit Management, Legal & Regulatory, Outsourcing, ISO Certification, Records management, Third Party Management, Risk & Reporting Metrics and Country Affiliate and Clearance Governance.
- Technology Risk & Control Senior Manager (C13 - Vice President)_

This position will report and support CTI APAC Risk Management -RMG Head. Position will be based in Singapore and will support the Team in Singapore and Philippines. The primary role of the Technology Risk & Control Senior Manager is to manage, plan, lead and execute Risk Management and Governance programs for Citi Technology Infrastructure Asia Pacific.

**Responsibilities**:
This function will be responsible for but not limited to:

- Manage internal, external, regulatory, and other audits end-to-end, providing proper perspective on risks and issues.
- Independently assess the effectiveness of controls, determine the impact of control issues, identify corrective action, and track issues to closure.
- Perform risk assessments, regulatory and compliance assessments for services and processes under Citi Technology and Infrastructure
- Plan, lead, and execute strategic/tactical initiatives on controls and risk management.
- Develop and deliver reports and metrics for management.
- Provide consultation on controls and risk management.
- Work with partners in-region across all the technology sectors, and globally within Citi Technology Infrastructure to manage technology and infra related risks and compliance to regulatory requirements

**Qualifications**:

- A graduate (business or IT related discipline) with eight to ten years’ experience in any one area or combined areas of control, risk management, compliance, audit and IT/business project management. [Note: A non-graduate with strong experience and relevant job exposure to information security, audit or risk management functions are welcome to apply.]
- Familiar with various regulations governing IT from various Asia Pacific regulators such as the Monetary Authority of Singapore (MAS), the Hong Kong Monetary Authority (HKMA) is beneficial
- Strong understanding of technology infrastructure and information security products.
- Certified in at least one of the following: CISA, CISM, CRISC, CISSP will be advantageous

**Critical Competencies**:

- Proficient in MS Office, Excel, PPT and SharePoint.
- Knowledge in business analytics tools.
- Ability to work under pressure and act with ownership and integrity
- Ability to build partnership within the organization to drive successful implementation of programs and projects
- Ability to engage a large audience and lead the discussion with clear, and concise communication.
- Competency in navigating through complex organizational processes and developing strong working relationships with other teams/regions.
- Strong understanding of technology infrastructure and information security products.
- Good verbal/written communication and analytic skills.
- A leader who