SVP, Technical Compliance Risk (Hybrid)

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm’s reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches. TCCORO provides the specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscience of the bank. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.

The Technical Compliance Risk Senior Officer is part of the Business Technology Function within TCCORO which has second line oversight for Tecnology Risk and Compliance for all of the business technology functional units, worldwide. The role will be responsible for identifying, anticipating, challenging, and mitigating risks that could affect business objectives, and minimizing operational risk events and losses related to technology. This position actively engages and partners with the ICRM product and function coverage teams to develop and apply Compliance Risk Management program solutions that meet business and customer needs in a manner consistent with the Citi program framework. A successful candidate should have foundational knowledge of how technology and cybersecurity risks are effectively managed in a large financial institution. They should have a strong track record in Technical Compliance Risk Management and/or a strong technical background with excellent analytical skills. A successful candidate should also demonstrate a strong interest in the field and a passion for risk management.

Responsibilities:

• Supports the design, development, delivery and maintenance of best-in-class technology compliance programs, policies and practices.
• Assesses technology risks and evaluates compliance with various regulatory and legal requirements, identifying and addressing potential risks.
• Analyzes comparative data, prepares and maintains regional / global reporting related to compliance risk assessments and monitoring of compliance related issues.
• Investigates and assists with responses to compliance risk issues, including: preparing required documentation, making recommendations to senior management, and preparing responses to any regulatory inquiries.
• Monitors adherence to Citi’s Compliance Risk Policies and relevant procedures and recommends actions to ensure continued alignment with the firm’s risk appetite.
• Stays abreast of regulatory changes, new regulations, and internal policy changes to identify new key risk areas.
• Supports ad-hoc activities for the TCCORO organization, including but not limited to: researching and drafting materials for presentations of deep dives into selected topics, coordinating deliverables related to regulatory inquiries, and maintaining associated data for executive reporting.
• Helps to appropriately assess risk when business decisions are made, demonstrating knowledge for the firm's reputation and safeguarding Citigroup, its clients, and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, and applying sound ethical judgment.

Qualifications:

• 10+ years relevant experience
• Knowledge of Compliance laws, rules, regulations, risks and typologies relevant to the coverage area.
• Experience in technology risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed and diverse organizations.
• Understanding of technology risks and controls across various information system architecture and engineering domains including: data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management.
• Knowledge and understanding of industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of technology risk mitigation strategies.
• Excellent written and verbal communication skills.
• Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization.
• Ability to work collaboratively with regional and global partners in other functional units; and to navigate a complex organization.
• Excellent project management and organizational skills and capability to handle multiple projects at one time.

Education:

• Bachelor’s/University degree, Master’s degree and relevant certifications are preferred.
• Relevant certifications (CISM, CRISC, CISSP, CISA, or PMP) a plus

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Primary Location:

------------------------------------------------------

Primary Location Full Time Salary Range:

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

------------------------------------------------------

Anticipated Posting Close Date:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting