Cyber Security Operations

The Cyber Security Operations (CSO) - Asia Cluster Governance Lead will be responsible for partnering with the Global Cyber Security Operations (CSO) Governance Lead (NY based) to help drive the mission of the CSO Governance Team within Asia. The governance function will be responsible for informing the decision making of strategic investments and operational scope through fusing governance data with operational data to ensure risk-based decision making and outcomes. This organization will also act as the liaison for the CSO organization with other internal risk functions, and external risk related activity.

The person in this role will interface and help to support interactions with Citi seniors, regulators, and supervisory groups on topics of cybersecurity and third-party risk.

This individual will be responsible for helping to manage the overall approach for regulatory and audit interactions within the Asia Cluster and help to ensure consistency across engagements. They will be responsible for maintaining an aggregate view of status across all activity and helping to measure, monitor, and report our risks to Global Leadership on a regular basis. This individual will help to provide QA and review of regulatory/audit response as they are prepared by the CSO Service Management Team and will help to ensure that we are adhering to the Firm’s Information Sharing guidelines.

Key responsibilities include:

- ** Governance Framework Development**: Partner with the CSO Governance Lead and other CSO Asia Leads across the SOC and Cyber Security Fusion Center (CSFC) Lead to design and implement a CSO/CSFC governance framework, including associated metrics, key risk indicators, and stakeholder engagements with supervisory teams. Design and implement a governance data model to inform strategic and risk-based decision-making.
- ** Operational Governance Program**: Run the day-to-day operational governance program to measure, monitor, and report on cyber operational risk. Establish a regionally focused view of metrics, monitoring, and reporting, ensuring compliance with all APAC-specific reporting requirements (internal and external).
- ** Stakeholder Management & Collaboration**: Build strong partnerships with internal teams and external organizations related to cyber operations governance. Engage regularly with audit, compliance, and regulatory bodies globally. Oversee and ensure that all regulatory and audit responses are prepared in accordance with the firm's information sharing guidelines.
- ** Continuous Improvement & Optimization**: Drive continuous improvement of organizational processes and the operating model. Identify areas for automation and optimization, championing projects to enable these improvements. Ensure that analysis, reporting, and metrics contribute to prioritizing the most critical risks and threats.
- ** Performance & Time Management**: Effectively manage multiple detail-oriented tasks under tight deadlines.

Qualifications:

- A minimum of 10 years’ experience forming cyber analytical and/or operational teams
- And any of the below:

- 5+ years experience in Audit or Operational risk management
- 5+ years experience with Intelligence Fusion
- 5+ years experience leading analysis teams

**Education**:

- Bachelor's degree in Computer Science, Information Assurance, Computer Security, or equivalent
- Master Degree in a related field is highly desired, or equivalent years of experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group:
Technology
- **Job Family**:
Information Security
- Time Type:
Full time
- Most Relevant Skills

Please see the requirements listed above.
- Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

View Citi’s EEO Policy Statement and the Know Your Rights poster.