Vacancy expired!
About Citi:Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients’ best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Enterprise Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.The Chief Information Security Office (CISO) is home to deeply talented colleagues that work to ensure the safety of Citi's clients' and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the Firm and is deeply integrated into the sectors and functions.Citi maintains two Cyber Security Fusion Centers (CSFCs) across the United States and Asia to act as its information and crisis response hub in its mission to strengthen Citi's resilience to cyber-attacks.Organizational Mission:As the leading global bank, Citi has a heightened responsibility to keep its customers safe. The Cybersecurity Fusion Center (CSFC) is on the front lines of that effort. The CSFC coordinates Citi’s cybersecurity organizational response to protect Citi and its customers from cyber threats.Citi is at the forefront of Cyber Fusion in financial services and leverages a data-driven, “technology first” approach to determine, inform, respond to, and govern overall cybersecurity threats to Citi.Team Mission:The Governance Function within the Fusion Center is a new function that is underpinned by a comprehensive Governance Framework to measure, monitor and report Cyber Security Operational risk to internal stakeholders, appropriate supervisory groups, and regulators. This organization acts as the liaison for the CSO organization with other internal risk functions and external risk related activity.This function regularly interfaces with Citi seniors, regulators, and supervisory groups on topics of cybersecurity, Red Team exercises, etc. One of the functions performed by this team is project management and coordination of regulatory and internal driven penetration testing (Red Team testing).Responsibilities:Exercise executionCoordinate Red Team confidential testing operations that emulate a threat actor (either Citi’s internal Red Team or a Red Team service provider) that attack Citi’s cyber defenses
Manage multiple teams’ efforts to assess courses of action to meet exercise testing objectives while considering potential risks to Citi when making recommendations to senior cybersecurity leadership
Coordinate testing execution, including generating project updates, summarizing decision points, and leading regular meetings with the project team, Red Team, and support personnel
Exercise planningPartner with Red Team to define and develop scope and objectives of the exercise
Identify and establish exercise engagement model
Partner with Citi’s Red Team validate testing scenarios and capabilities that accomplish leadership’s strategic testing goals
Exercise reportingCoordinate technical validation and leadership review of Red Team reports detailing testing results and potential areas of improvement
Partner with problem management and project management teams to ensure Red Team observations are researched and remediated
Program managementIncorporate and review regulator testing framework updates in Citi’s Red Team procedures and standards
Maintain strategic testing roadmap, incorporating senior leadership’s testing goals to further strengthen Citi’s cybersecurity defenses
Develop and maintain relationships with Red Team service providers, including onboarding and Citi supplier maintenance tasks
Ensure Red Team testing complies with Citi’s internal policies and regulatory requirements
Requirements:Project management experience
Demonstrable interest in Red Team activity management
Working knowledge of regulatory testing frameworks (CREST, C-RAF)
Cybersecurity industry experience
Qualifications:5-8 years of relevant experience
Certifications or willingness to earn within 12 months of joining
Working knowledge in one or more of the following areas: Advanced Persistent Threat, Third Party Risks/Threats, Cybercrime, Extremist Groups and Cyber Terrorists, Hacktivism, Distributed Denial of Service attacks, Fraud, Malware, Mobile Threats
Consistently demonstrates clear and concise written and verbal communication
Proven influencing and relationship management skills
Proven analytical skills
Education:Bachelor’s degree required or equivalent experience.This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.Job Family Group:TechnologyJob Family:Information SecurityTime Type:Full timeCiti is an equal opportunity and affirmative action employer.Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi (https://www.citigroup.com/citi/accessibility/application-accessibility.htm) .View the "EEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) " poster. View the EEO is the Law Supplement (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/OFCCPEEOSupplementFinalJRFQA508c.pdf) .View the EEO Policy Statement (http://citi.com/citi/diversity/assets/pdf/eeoaapolicy.pdf) .View the Pay Transparency Posting (https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp%20EnglishformattedESQA508c.pdf)Effective November 1, 2021, Citi requires that all successful applicants for positions located in the United States or Puerto Rico be fully vaccinated against COVID-19 as a condition of employment and provide proof of such vaccination prior to commencement of employment.Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Vacancy expired!