Citi,the leading global bank, has approximately 200 million customer accounts anddoes business in more than 160 countries and jurisdictions. Citi providesconsumers, corporations, governments and institutions with a broad range offinancial products and services, including consumer banking and credit,corporate and investment banking, securities brokerage, transaction services,and wealth management. Our core activities are safeguardingassets, lending money, making payments and accessing the capital markets onbehalf of our clients.
Citi'sMissionand Value Proposition explains whatwe do and CitiLeadership Standards explain how wedo it. Our mission is to serve as a trusted partner to our clients byresponsibly providing financial services that enable growth and economicprogress. We strive to earn and maintain our clients' and the public's trust byconstantly adhering to the highest ethical standards and making a positiveimpact on the communities we serve. Our Leadership Standards is a common set ofskills and expected behaviors that illustrate how our employees should workevery day to be successful and strengthens our ability to execute against ourstrategic priorities.
Diversityis a key business imperative and a source of strength at Citi. We serve clientsfrom every walk of life, every background and every origin. Our goal is to haveour workforce reflect this same diversity at all levels. Citi has made it apriority to foster a culture where the best people want to work, whereindividuals are promoted based on merit, where we value and demand respect forothers and where opportunities to develop are widely available to all.
The Vulnerability and Patch Management Specialist will play a leading role in driving information security analysis and vulnerability remediation. This position will report to the head of Security State Management. This role is a key business enabler to provide information security risk analysis and strategic recommendations for the ongoing improvement of Information Security. In this role, you will be engaging with program employees, stakeholders, and executives to ensure appropriate and up-to-date security management.
* Interfaces with business units and IT stakeholders to identify and understand security monitoring and response requirements and design solutions to meet business unit and IT stakeholder needs
* Maintains an up-to-date understanding of emerging cyber threats facing financial institution.
* Applies new techniques and trends that are in line with overall information security objectives and risk tolerance
* Builds effective relationships with key stakeholders who own and support IT infrastructure, applications, processes, and operations
* Gains commitment from stakeholders to implement recommended and agreed information security controls
* Provide and demonstrate strong leadership, and organizational abilities applied across a large team with diverse skills
* Help to formulate vulnerability management frameworks and working structures for initiatives associated with infrastructure technology and solution delivery teams.
* Develop horizontal view of risk posture across multiple technology domains.
* Execute Information Security strategy to proactively identify risk and drive remediation
* Act as point of contact for managing and delivering various vulnerability and remediation reports
* Implement security improvements by assessing baseline, evaluating trends, and anticipating requirements.
* Demonstrate ability to identify project stakeholders, plan, and manage stakeholder engagement.
* Regularly communicate the progress of initiatives in writing and/or in presentation to senior leadership.
* Work with various risk and information security teams in presenting vulnerability management status and updates to technology subject matter experts and management.
* Contribute to, interpret and disseminate IS policy, standards and awareness throughout the business units.
* Additional ad-hoc IS & Risk related initiatives and projects
* Complete additionally any other tasks in connection with the role but not detailed in the current job description, charged by the direct manager, supervisor, or the functional head.
* BA/BS in Information Systems or a related technical field
* Minimum 5+ years' experience working in an information security, information technology, or information risk management related field.
* Demonstrated experience building and managing vulnerability management programs
* Ability to brief technical risks and issues to executives and business leaders
* Demonstrated ability to lead the development of specific proactive procedures for the detection of security breaches across a large enterprise network
* Demonstrated experience working with senior management on highly sensitive projects that require the utmost discretion and maintaining strict confidentiality on all data, records, and tasks as required
* Possession of industry certifications highly preferred. Including, but not limited to, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Global Information Assurance Certification (GIAC).
* Technical background in Windows/Unix Operating systems, security technologies, and network architectures.
* Knowledge of complex query for data analysis.
* Knowledge of security assessment methodology and risk management process.
* Knowledge of SQL and other business analytics software is a plus
Citigroup is a company providing financial products and services.