Cyber Governance Review and Control Lead Analyst

3 days ago

Singapore Citibank Full time $120,000 - $200,000 per year
Citi Information Security Office (CISO) Information Security Risk & Compliance Manager (Information Security) candidate will work with their staff to support the APAC Citi Information Security Office (CISO) group, helping the team the associated risks for the CISO processes, domains, and product. While the support will be focused on the APAC group, this position will help influence global CISO Risk and Compliance processes. This will be done through designing, implementing, and monitoring of risk and control framework. Person will be required to work with SMEs on Internal and external Audits; drive compliance of processes, Infrastructure, and applications with Citi Policies; ensure the teams follow the issue management standards and contribute to an Effective Management Control Assessment.

Responsibilities:
Be responsible for managing and supporting multiple risk and control programs for the organization including working with the global CISO Risk team to define the strategy, approach, processes, quality, tools and reporting that provide APAC risk management consistency and excellence within CISO.
  • Strong understanding of APAC Regulatory requirements e.g. MAS Regulatory requirements for Financial Institutes like MAS644, MAS655 etc, RBI, SEBI, APRA, HKMA, Bank Negara etc.
  • Ensure that emerging risks identified are socialized with key stakeholders and mitigation strategies are in place.
  • Identify areas of engagement based on level of investment, inherent risk, complexity of change and other risk factors
  • Execute Risk Control coverage strategy, ensure appropriate risk mitigation actions are in place and escalate to senior management as appropriate
  • Provide supervision of Risk Control team's efforts and assist with prioritizing and addressing roadblocks encountered
  • Identify and assign key metrics (e.g. KRI/KPIs) to support effective monitoring and management of operational risk including controls assurance and ensure issues identified and corrective actions are raised to address gaps.
  • Provide strong oversight of CAP (Corrective Action Plan) remediation activities both for audit and control issues including quality completion of Risk Exception documentation and annual renewals.
  • Support the assigned technology platform re ensuring the remediation of corrective actions relating to both self-identified and audit issues are completed on time and with the appropriate level of quality and adherence to IBAM.
  • Support assigned technology platform during internal and external audits.
  • Assist in all interactions with audit including deliverables management, audit fieldwork, business monitoring and meetings.
  • Leverage reporting to identify trends, themes and areas requiring improved controls
  • Drive Manager's Control Assessment monitoring, quarterly approvals and improvements required
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
  • Complete all tasks in connection with the organization's activity but not detailed in the current job description, assigned by the direct manager, supervisor, or the functional head.
Ideal Background
  • 10 years' experience in Risk and compliance experience
  • Demonstrable Information Security Risk knowledge based on working in real-world environments & situations.
  • Strong understanding of APAC Regulatory requirements e.g. MAS Regulatory requirements for Financial Institutes like MAS644, MAS655 etc, RBI, SEBI, APRA, HKMA, Bank Negara etc.
  • Excellent communication skills required in order to negotiate internally, often at a senior level. Some external communication may be necessary.
  • Full management responsibility of a team or multiple teams.
Education:
  • Bachelor's/University degree or equivalent experience, potentially Master's degree
  • Relevant professional qualifications with Risk / Security management e.g. CISM, CISA, CISSP or equivalent
Benefits
  • Opportunity to widen your knowledge of technology risk area in global financial services organization
  • Long-term career path across geographies and business lines
  • Friendly work atmosphere
  • Competitive compensation package
  • Flexible work arrangements


Job Family Group:
Technology

Job Family:
Information Security

Time Type:
Full time

Most Relevant Skills
Please see the requirements listed above.

Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi .

View Citi's EEO Policy Statement and the Know Your Rights poster.

  • IT and Cyber Risk Control Lead

    4 days ago

    Singapore GXS BANK PTE. LTD. Full time

    The day-to-day activities: - Maintain and update the Bank’s technology and cyber risk frameworks, policies and standards based on prevailing regulatory requirements and industry best practices. - Drive proactive adherence with Bank’s security policies and standards, and regulatory requirements across the region. - Build a comprehensive controls library...

  • Cyber Security Analyst

    4 days ago

    Singapore PERCEPT SOLUTIONS PTE. LTD. Full time

    The primary role of the Cyber Security Analyst is to safeguard the organisation’s IT and network infrastructure against cyber risks, ensure compliance with regulatory requirements, and strengthen ICT resilience. This includes conducting cyber risk assessments, implementing security controls, monitoring threats, and supporting technology initiatives to...

  • Consultant/Manager (Cybersecurity Governance and Risk Assessment), SCD Cyber Security Agency of[...]

    2 days ago

    Singapore The Cyber Security Agency of Singapore Full time

    Overview What the role is: The Safer Cyberspace Division in CSA focuses on building national cyber resilience of organisations in Singapore. The division develops and manages national cybersecurity technology initiatives under the SG Cyber Safe programme, in order to enable a safer cyberspace. Examples of programmes which the division has rolled out include...

  • Governance Analyst

    1 week ago

    Singapore Hays Full time

    1 year renewable contract as a Resilience Governance Analyst for an investment bank!Your new company You will be working with a leading global financial services firm within their Cyber Data Risk & Resilience Department. Your new role The Resilience Governance Analyst role is required to work as part of a global team to support resilience governance...

  • Appsec Analyst

    1 hour ago

    Singapore Marina Bay Sands Full time

    LOVE WHAT YOU DO? THERE IS A PLACE FOR YOU HERE! Be part of our diverse and inclusive team. Job Responsibilities - Ability to review and understand source code from both business logic to ensure code is free from security defects prior to production release. Identify false positives, tracking and remediating found issues, tracking and performing the...

  • Asst Director

    1 hour ago

    Singapore Cyber Security Agency of Singapore Full time

    **What the role is** - This position is focused on cyber security readiness, protection, and incident response capabilities by developing, designing and conducting cyber exercises and workshops leading to the development of cyber incident planning artefacts for government and CII sectors/industry. **What you will be working on** - This requisition may be...

  • Lead Engineer

    1 week ago

    Singapore Home Team Science and Technology Agency (HTX) Full time

    **What the role is** Lead Engineer / Principal Engineer, Cyber Tech Stack (CTS) is responsible to assist Deputy Director, CTS in the planning and delivery of joint capabilities projects, specifically in the technology area of Enterprise Cyber Security systems/ solutions. He/ She is also required to work and support across different units within HTX. **What...

  • IT Security Governance Specialist

    2 weeks ago

    Singapore Housing & Development Board Full time

    2 days ago Be among the first 25 applicants Get AI-powered advice on this job and more exclusive features. What The Role Is The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based...

  • Cyber Security Analyst

    2 weeks ago

    Singapore Flintex Consulting Pte Ltd Full time

    **Cyber Security Analyst** **Description** **Key Responsibilities** - Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur. - Provides technical expertise regarding security-related concepts to operational teams. - Review, investigate, and respond to real-time alerts within the environment. - Review...

  • IT Security Governance Specialist

    1 week ago

    Singapore Housing and Development Board Full time

    What the role is: The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data‐driven to the core and adopt evidence‐based decision making in developing better housing policies service, improving service delivery and...