Tech & Cyber Testing Utility Head, Director (Hybrid)

Citigroup | 17h ago
Mumbai, Maharashtra, India | Hybrid | Full-time | Director Level | 15+ yrs exp

Top focus

Tech Lead

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm's reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses or regulatory breaches.

TCCORO provides the subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscience of the bank. In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM) frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated, and aligned with our risk appetite.

The TCCORO Central Assessment Support Team (CAST) Director reports to the Global Head of TCCORO and will provide leadership for this central utility responsible for executing standardized operational risk management and compliance assessment activities on behalf of TCCORO.

This role is accountable for managing a team of analysts who bring together key aspects of the Operational Risk Management (ORM) framework and Compliance Risk Management (CRM) policy, including research and analysis of risk data, central compliance and risk assessment and testing, and Capability Maturity Assessments (CMA) against the first line in alignment with COBIT and CRI frameworks.

This position actively supports all of TCCORO in its oversight of CIO and Enterprise Tech organizations. A successful candidate will be a subject matter expert in technology and cyber risk in global financial services, with demonstrated expertise in operational risk management frameworks, compliance assessment methodologies, and capability maturity models.

They should have a strong track record in technology and cyber risk management, with excellent analytical skills, experience deploying AI solutions, and proven experience in building and leading centralized assessment utilities. The ideal candidate will be a strategic, proven leader with strong technical acumen, capable of influencing and challenging effectively while building and maintaining global teams.

Responsibilities

  • Manages a staff of risk officers at various levels, with direct accountability for hiring and organizational structure.
  • Has direct oversight for compensation, performance appraisals, staff development, training, etc.
  • Provides input on performance and compensation recommendations for risk officers and utilities that provide risk related services on a matrix basis.
  • Create a positive team environment, monitoring workloads, supporting work-life quality of team members, and providing candid, meaningful feedback in a timely manner.
  • Oversee the development, implementation and execution of the TCCORO central assessment support team’s operational risk management and compliance assessment programs in accordance with the ORM framework and ICRM policy requirements.
  • Establish and execute the functional strategy for CAST, ensuring comprehensive coverage of technology and cyber compliance and operational risks and TCCORO coverage areas.
  • Manage the planning, execution, and reporting of compliance monitoring and testing assessment activities, and Capability Maturity Assessments (CMA) utilizing AI solutions to simplify and optimize execution.
  • Develop a robust engagement model with all TCCORO coverage teams including business segments, functions and regional clusters.
  • Oversee the performance of independent assessment activities (testing and ongoing monitoring) to assess the design and effectiveness of key controls designed to address technology and cyber compliance and operational risks.

Qualifications

  • 15+ years of relevant experience in technology and cyber risk management, operational risk, compliance, audit or related control functions within global financial services.
  • Extensive experience in planning, executing and reporting on compliance testing reviews, operational risk assessments and regulatory issue validation activities.
  • Senior level experience in a related role with experience in business, functional and people management, with proven abilities in executing concurrently on a portfolio of high-quality deliverables to stakeholders according to strict timetables.
  • Proven experience in building and leading teams and functions, with demonstrated ability to scale operations and standardize methodologies.
  • Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example) and an in-depth understanding of risk mitigation strategies.
  • Self-motivated and goal-oriented with the ability to seize the initiative, garner consensus and develop and implement an effective strategy.
  • Demonstrates a high level of analytical rigor in formulating strategies, goals and measuring results.
  • Sense of urgency in implementing programs and evaluating priorities; decisive, action-oriented and practical.
  • Willingness to challenge and question the status quo, making recommendations for options and best solutions.
  • Demonstrated strategic thinking skills.
  • Organizationally astute, with influencing, collaboration and communication skills.
  • Personal presence, intellect, energy and drive to succeed in a high-performance environment.
  • Able to analyze and think through highly complex issues, but then appropriately execute and implement against a well thought through framework in a seamless manner.
  • A global citizen who is comfortable in all geographies, regions and cultures.
  • Strong leadership, relationship, communication, and presentation skills including the ability to adapt his/her style to suit the different needs of any audience.
  • Education: Bachelor’s/University degree, Master’s degree preferred.
  • Relevant certifications (in CISM, CRISC, CISSP, CISA or PMP) a plus.

Job Family Group: Risk Management

Job Family: Operational Risk

Time Type: Full time

Most Relevant Skills: Analytical Thinking, Controls Lifecycle, Credible Challenge, Governance, Policy, Procedure and Regulation, Risk Management Lifecycle.

Other Relevant Skills: For complementary skills, please see above and/or contact the recruiter.

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity, review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.

Required skills

operational risk management, compliance assessment, AI solutions, ISO27001, COBIT, TOGAF, CRI
Posted on JobRush — the end-to-end AI job-search platform.