The Info Sec Prof Senior Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.Responsibilities:Identify potential information security (IS) risks and make recommendations for enhancementCollect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officialsExecute meetings and communicate complex security topics and safe IS practices with all levels of the organizationEnsure that controls are utilized daily and that non-compliance remediation is addressedProvide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or conceptsAssist with defining and implementing IS standards to align procedures and practices in compliance with Citi standardsEducate and advise on safe information security practices and current, changing, and/or recommended information security requirementsValidate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the businessAssume informal/formal mentorship role within teams and assist with the coaching and training of new team membersHas the ability to operate with a limited level of direct supervision.Can exercise independence of judgement and autonomy.Acts as SME to senior stakeholders and /or other team members.Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.Qualifications:9+ year of total experience out of which 5-8 years of relevant experienceApplicable Certifications or willingness to earn within 12 months of joiningConsistently demonstrates clear and concise written and verbal communicationProven influencing and relationship management skillsProven analytical skillsCertifications such as CISSP / CCSP / CISM will be an added advantage but not mandatoryEducation:Bachelor's degree/University degree or equivalent experienceKnowledge/Experience:EssentialMinimum 4-7 years' experience in project management and business analysis with experience using a structured methodologyExperience in developing and presenting metrics and performance for a large programProven ability to work independently and in a multi-tasking environmentDesirableKnowledge of data engineering principles and predictive analyticsSkills: (Technical skills)EssentialStrong understanding of software development lifecycle.Proficient in using Microsoft Office products (Word, Excel, PowerPoint, Project, Visio)In-depth knowledge of technology, security, risk, and compliance best practices, preferably in the Identity and Access Management disciplineDesirableExperience with CyberArk or other privileged access management solutionsPrior experience with automation and orchestration projects is a plus.Knowledge of authentication and authorization techniques, processes, and protocols.Competencies (Soft skills )Strong communications skills & facilitation experience across all levels of leadershipAdvanced analytical problem-solving skills, including the ability to analyze datasets and present in a format that facilitates senior management decision makingExperience managing both process improvement and software development projectsExperience with analyzing and documenting business requirements and interfacing with application developersThis job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Key Responsibilities:Responsible for business analysis and management support on program driven initiativesInteract with global IT partners and information security personnel providing project management and/or business analysis support to multiple work streams. Projects will focus on governance efforts at improving, standardizing, and streamlining processes and governance practices in the Information Security Identity and Access Management domain.Manage projects through their complete lifecycleGather and analyze data from multiple sources; develop reports and key risk indicatorsCommunicate project plans and routine updates on project status and issues/risks to the project team, stakeholders and managementDocument and maintain program related training and awareness materials and communicationsFacilitate discussions, conduct meetings and drive initiatives and issues to conclusionConsult with stakeholders to gather and document requirements and specifications for solutions and enhancements------------------------------------------------------Job Family Group:Technology------------------------------------------------------Job Family:Information Security------------------------------------------------------Time Type:Full time------------------------------------------------------Citi is an equal opportunity and affirmative action employer.Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.Citigroup Inc. and its subsidiaries ("Citi") invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity reviewAccessibility at Citi.View the "EEO is the Law" poster. View theEEO is the Law Supplement.View theEEO Policy Statement.View thePay Transparency Posting
