Cybersecurity Policy Lead Analyst Vp
- Heredia
- Permanente
- Tiempo completo
Responsibilities:
Supports the strategy for anchoring our standards in a modern control framework, aligning requirements to Citi's cybersecurity risk tolerance, and establishing compliance monitoring as well as consequences for noncompliance.
Oversees the cybersecurity policy process and ensures policy owners adheres to the enterprise policies.
Closes gaps in control coverage, defines clear, measurable, and prescriptive requirements, and aligning with Citi's global technology and risk management policy and standard requirements, as well as Citi's global policy governance processes.
Establishes and maintains strong connections across the Cybersecurity organization and makes recommendations to senior leadership regarding policy and control enhancements
Assesses information security investigation reports for accuracy, completeness, and fairness of an investigation prior to issuing disciplinary actions.
Identifies gaps and challenges any statements or conclusions that lack clear evidentiary backing for violations against information security policies.
Articulates the rationale and supporting evidence for disciplinary actions to senior managementQualifications:
6-10 years of relevant experience in the Information Security field
Policy writing expertise, with the ability to present information clearly and concisely to a wide breadth of stakeholders / senior management
Risk management experience, including regulatory assessments, audit interaction, and enterprise control frameworks
Knowledge of industry control frameworks (e.g., CRI Profile, FFIEC CAT, NIST)
Understanding of how investigations are conducted, including evidence collection, interview techniques, chain of custody, and forensic analysis - preferred
Understanding of organizational risks and how investigations contribute to mitigating them.
Ability to meticulously examine documents, data, and statements for subtle discrepancies, omissions, or inconsistencies.
Excellent written and verbal communication skills
Highly organized and capable of overseeing numerous endeavors
Excels at orchestrating complex, multi-faceted projects
Ability to motivate and manage by influence
Self-starter who requires minimal supervision
Results-oriented, high-energy, self-motivated
Technical skills (e.g., system and network security, application security) preferredEducation:
BA/BS degree or equivalent experience
Master's degree preferred
Relevant certification (e.g., CISA, CISSP, CISM) preferred
English proficiency requiredThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group:
Technology
Job Family:
Information Security
Time Type:
Full time
Most Relevant Skills
Please see the requirements listed above.
Other Relevant Skills
For complementary skills, please see above and/or contact the recruiter.
Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity reviewAccessibility at Citi.View Citi'sEEO Policy Statementand theKnow Your Rightsposter.
Buscojobs