Cybersecurity Regulatory Governance – Project Delivery Analyst, VP (C13)

About Citi:

Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.

 

As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.

 

Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

The Role:

The Cybersecurity Regulatory Governance – Project Delivery Analyst is responsible for designing, developing, and delivering information security regulatory programs and practices for Citi’s CISO (Chief Information Security Office). The overall objective of this role is to facilitate and help lead regulatory analysis and program activities. This role requires a broad and comprehensive understanding of the different regulatory laws relevant to information security and other related areas of the organization. The successful candidate will have demonstrated success and be highly adept at leading global programs and engineering change efforts, managing risk and execution of global programs by aligning resources and tactical/strategic decisions, and driving transformation across a complex enterprise to support cybersecurity goals. 

Responsibilities

• Serve as a subject matter expert on Citi’s regulatory programs and frameworks including GLBA, NYDFS, and PCIDSS
• Be accountable for the quality, completeness, and accuracy of the implementation of the regulatory governance control analysis, remediation, applicability and mapping Framework
• Provide expert guidance on Information Security & Cybersecurity regulations to manage risks including guidance on completing regulatory assessments to ultimately review and sign off assessments’ completeness and accuracy
• Drive initiatives and manage high-impact project workstreams with a results-driven focus to deliver solutions, including coordinating the implementation of new regulatory requirements
• Work with information security officer (ISO), functional owner, ICRM and legal as needed to determine projects meet regulatory requirements
• Partner with other ICRM teams and global functions, including Legal, Risk, Operations and Technology, and HR to prevent and detect non-compliance issues and promote a culture of compliance
• Determine the needs of policy updates, identifying opportunities driving process and control standardization (MCA) enhancements, and the development of improved monitoring controls and compliance metrics
• Assist leadership in exercising control over Regulatory Operational and Compliance Risks in accordance with established Policy requirements
• Assist management in guiding and influencing standards and procedures that conform to enterprise requirements and support sound operational and compliance risk management
• Analyze and identify overlapping control initiatives to resolve duplication of effort
• Execute risk control coverage strategy, ensure appropriate risk mitigation actions are in place and escalate to senior management where appropriate
• Responsible for managing and supporting multiple risk and control programs for the team including defining the strategy, approach, processes, and reporting
• Examine procedures for consistency and gaps relative to regulations in addition to impacts on security controls

Qualifications

• 5+ years’ prior experience working directly in Information Security and Banking Regulations, or similar analysis
• Direct experience with at least one or more financial regulations including GLBA, NYDFS, FFIEC, OCC and FDIC cybersecurity regulations is highly preferred
• Advanced analytical skills, with the ability to identify root causes and trends and anticipate horizon issues
• Ability to recognize emerging risks, including compliance and technology risks
• Expert in risk analysis and risk management processes for one or more function or area
• Ability to manage projects, expectations and maintain key relationships with senior stakeholders
• Proficient in Microsoft Office (Word, Excel, and PowerPoint)
• Proven ability to build and maintain relationships and exert influence without direct authority
• Consistently clear written and verbal communication skills with the expert ability to communicate clearly and concisely to audiences of varying levels of seniority
• Function as an SME to stakeholders and team members with the ability to operate autonomously exercising independence of judgement
• Excellent problem-solving skills and the ability to see the big pictures with high attention to critical details

Education

• Bachelor’s/University degree or equivalent experience
• Master’s degree is a plus

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

——————————————————

Job Family Group:

Risk Management

——————————————————

Job Family:

Business Risk & Control

——————————————————

Time Type:

Full time

——————————————————

Primary Location:

Irving Texas United States

——————————————————

Primary Location Full Time Salary Range:

$114,720.00 – $172,080.00

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

——————————————————

Anticipated Posting Close Date:

Jan 03, 2025

——————————————————

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries (“Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the “EEO is the Law” poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting