Senior Application Security Office (ISO), VP (C13)

About Citi:Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.Responsibilities:Develop and execute Information Security strategy to proactively identify risk and drive remediation

Conduct security reviews on internally developed and SaaS applications

Conduct issue risk analysis and present recommendations to IS management and stakeholders.

Develop and manage program metrics and performance through tracking/reporting and active engagement with stakeholders for continuous service improvement

Provide oversight and governance to engineering and operating processes

Implement security improvements by assessing baseline, evaluating trends, and anticipating requirements

Serve as the point of contact to executive leadership for dimensioning, managing and driving remediation of information security risk within the context of legacy assets

Develop horizontal view of risk posture across multiple technology domains

Improve processes by removing deficiencies and enhancing current tools that reduce an overall risk profile

Work with various risk and information security teams in presenting recommendations for improvement to technology subject matter experts and management.

Engage with cross sector and global risk teams in the review and reengineering of key controls and processes to effectively and efficiently manage IS issues

Contribute to, interpret and disseminate IS policy, standards and awareness throughout the assigned business units

Additional ad-hoc IS & Risk related initiatives and projects

Escalate significant risks to the Regional/Sector IS Leadership for information or required actions

Attend and participate in internal/external IS forums and risk committees when necessary

Ensure security practices/standards compliance and reduce security risks through enhancing controls and minimizing weaknesses in Citi’s applications portfolio

Ensure audits are passed with a satisfactory audit rating for all IS topics

Ensure non-compliant items are resolved through coordination with Business Manager and business staff

Increase communication efficiency with cross-sector ISOs to resolve security issues that span multiple businesses

Qualifications:6-10 years' relevant experience preferably in Information Security and/or Cloud Security

Proficiency with interpreting and applying policies, standards and procedures

Technical background in Windows/Unix Operating systems, security technologies, and network architectures

Knowledge of complex query for data analysis

Understanding of security assessment methodology and risk management process.

Strong knowledge of industry standards as they relate to information security management, application security internally and in the cloud, AWS and Azure

Excellent problem solving abilities and analytical skills

Ability to see the big picture with high attention to critical details

Results oriented and able to achieve desired outcomes independently with appropriate prioritization strategy

Well organized and strong follow-up capabilities

Strong track record of effectively managing multiple tasks in dynamic environments

Ability to work under pressure and meet tight deadlines as needed

Demonstrated ability to work effectively as both part of a team and independently

Effective communicator with excellent writing and verbal skills

Ability to influence others and shape/obtain desired outcome in areas outside of direct control

Demonstrated ability to develop and implement process improvement initiatives

Knowledge of SQL and other business analytics software is a plus

Education:Bachelor’s degree/University degree or equivalent experience

Master’s degree preferred

Professional Certifications preferred, such as CISSP, CCSP, CISA, CISM, AWS, Azure, and ECH

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group:TechnologyJob Family:Information SecurityTime Type:Full timePrimary Location:Tampa Florida United StatesPrimary Location Salary Range:$110,090.00 - $165,130.00Citi is an equal opportunity and affirmative action employer.Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCPEEOSupplementFinalJRFQA508c.pdf) .View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeoaapolicy.pdf) .View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp%20EnglishformattedESQA508c.pdf)Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.Citi is an equal opportunity and affirmative action employer.Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.