- Primary Location: United States,Florida,Tampa
- Education: Bachelor's Degree
- Job Function: Risk Management
- Schedule: Full-time
- Shift: Day Job
- Employee Status: Regular
- Travel Time: Yes, 10 % of the Time
- Job ID: 19018320
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi’s explains what we do andexplain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop are widely available to all.
The candidate will be responsible for using prior audit and controls experience to help the Citi ORM-T/C team build and maintain an Integrated Controls Framework and Performance Model. The framework will take inputs from our Target Operating Model and several regulatory authoritative sources to maintain the sound design and smooth operation of our program. Similar to an integrated controls framework, the candidate will build the model to flexibly grow as our program matures, and global and domestic requirements evolve. He/she will build and support the maintenance of Process Flows and Procedures that detail the end-to-end operation of each second-line process. The candidate will also support the growth of the ORM-T/C continuous monitoring program.
The candidate will lead our regulatory response effort, which coordinates and addresses the multiple regulatory inquiries in-scope annually for ORM-T/C. This includes summarizing and demonstrating the design and operation of ORM-T/C core processes to various internal and external regulatory authorities.
The candidate will build relationships within our second line team to establish accountability for processes within the Integrated Controls Framework / Performance Model. He/she will also support our Training and Awareness team to develop and conduct courses ensuring the globally consistent and uniform operation of our program’s processes by designated Process Owners and Performers.
The candidate will be expected to engage other second line stakeholders in the establishment of the model and forge alignment with our Policies and Standards team. The candidate should have a working knowledge of emerging technology, GRC tooling, and progressive automation opportunities that can augment and enhance our program beyond typical manual-based operation.
? Bachelor’s degree in Computer Science, Management Information Systems, Engineering, Cybersecurity, or Accounting. Degrees in MIS and Accounting suitable with demonstrated recent cybersecurity and information technology experience. Work experience in Audit, Regulatory, Risk Management, Information Technology, or Information Security domains preferred.
? Minimum of 3-5 years of hands-on experience in IT audit, governance, regulatory compliance, risk management, process development, and continuous monitoring. Understanding of audit documentation and testing principles.
? Experience assessing cybersecurity risk and compliance programs, and auditing cybersecurity processes and controls
? Experience building process and flow documentation in alignment with Policies and Standards
? Experience aligning cybersecurity risk and compliance programs / processes to regulatory and best practice requirements
? Experience leading process interviews and regulatory discussions with cyber staff, and recommending steps to further minimize risk exposure
? Strong attention to detail in the creation of documentation (narratives, process flows) that summarize control environments and can withstand deep regulatory scrutiny
? Able to employ strong analytical skills. Thinks strategically and creatively about complex problems and how to solve them.
? Self-starter who can work without close supervision. Proactive and entrepreneurial, and can generate ideas about the direction of our program.
? Strong presentation skills. Able to distill risk management and process concepts into guidance that stakeholders of various expertise (junior to executive) can understand
? Excellent communication skills, both verbal and written