* Primary Location: United States,New York,New York * Education: Bachelor's Degree * Job Function: Risk Management * Schedule: Full-time * Shift: Day Job * Employee Status: Regular * Travel Time: Yes, 10 % of the Time * Job ID: 19030791
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi's Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients' and the public's trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all.
This position is a critical role for the second line ORM-T/C Cyber Risk Function targeting the high level, high impact Cyber related threats to Citi's Franchise and Clients with the aim of enhancing the effectiveness of managing operational risks across products, business lines and regions.This is a compact team assessing the comprehensiveness and effectiveness of Citi's current first line Cyber defenses.
The Cyber Risk Threat Analysis (CRTA) VP will be assigned to the Cyber Risk Threat Management Group. The CRTA VP will focus on monitoring the threat landscape, first line reporting, and threats to Citi.The CRTA VP will also be responsible for development and publication of multi-source analytical reports to introduce an independent viewpoint on cyber threat issues impacting Citi with the goal of identifying potential areas for challenge and enhancement within Citi's Cyber Security program. The CRTA VP will also contribute to cyber risk thought leadership position papers and projects. The CRTA VP will leverage subject matter expertise in intelligence tradecraft to independently challenge the first line's criteria, tools and methodologies used for threat intelligence, threat analysis and cyber exercises.The CRTA VP will also support the threat management group in its oversight of regulatory deliverables.
The CRTA VP will perform risk-based analysis of current and emerging cyber threats and incidents and generate assessments that will contribute to (but not limited to) the following:
* Independent review and challenge of 1st line analysis and reporting of cyber threat intelligence, incidents, and investigations by the CRTA team
* Independent Assessments and Credible Challenges across other Information Security, Investigations, and/or business teams by other members of ORM-T/C
* Strategic products and position papers on current and emerging threats, changes to the legal or regulatory landscape which may have a direct effect on the cyber risk posture of Citi and/or its clients, and vulnerability and capability assessments.
* Evaluate and produce cyber threat analysis reports within the Cyber Risk organization to introduce an independent viewpoint on cyber threats potentially impacting Citi's Cyber Risk posture.
* Manage internal projects that improve the teams' ability measure the effectiveness and comprehensiveness of Citi's first line Cyber defenses.
* Demonstrate a strong technical understanding of cyber and technology threats that may have a direct or indirect impact to the global Citi franchise.
* Examine tactics, techniques, and procedures of threat actors and control environments of targeted entities to assess whether there is a potential change to the inherent or residual cyber risk to Citi, clients, and partners.
* Build partnerships relationships within the organization
* Bachelor's degree in computer science, engineering, cyber security, international affairs, or intelligence-related field or other concentrations of study combined with relevant work experience. Work experience in the Risk Management, Information Security or intelligence domain preferred.
* 5-7 years of work experience. Demonstrates working technical knowledge of Cyber Security, Data Protection, IT Risk or IT Audit/Compliance.
* Understanding and knowledge of how cyber threat intelligence impacts/could impact different financial services and products a plus
* Previous US Intelligence Community or Military Intelligence background a plus.
* Experience addressing cyber, geopolitical, and technology threat issues required. Working understanding of technical control environments.
* Technical certifications including GIAC, CEH, CISM, CISA or CISSP preferred.
* Ability to discern and communicate emerging or shifting patterns in cyber threat actor behavior at the strategic level. Deep understanding of cyber threat actor capabilities and motivations.
* Strong written communication and presentation skills. Enjoys research and writing a plus.
* Maintains an understanding of the intelligence cycle and tradecraft standards. Team work and commitment a must.
Citigroup is a company providing financial products and services.