Global Head of Cyber Risk and Compliance
Citigroup
Global Head of Cyber Risk and Compliance
The Technology & Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firms reliable second set of eyes overseeing Technology and Cyber risk. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational risks while promoting the implementation of actions to address root causes which may lead to unintended operational losses. TCCORO provides the specialist subject matter experts to challenge Enterprise, Infrastructure, Operations and Technology entities across the firm. We are the technology and cyber conscious of the bank. In line with the ORM and ICRM frameworks, we aim to ensure that the internal controls that are designed to mitigate technology and cyber risks are managed, mitigated and aligned with our risk appetite.
Responsibilities:
Reporting into the Global Head of TCCORO, the Head of Cyber Risk will have oversight responsibility for the Chief Information Security Office and evaluation of cyber risk holistically across the firm. The following highlight the coverage area responsibilities for this Managing Director position:
- Oversight and challenge of the cybersecurity incident response programs.
- Oversight of the security operations center (SOC) and cybersecurity fusion center (CSFC).
- Oversight of cybersecurity penetration testing and red-team operations.
- Oversight of the Chief Information Security Office (CISO), including the review of the effectiveness of the controls, standards and programs across the enterprise.
- Implementation of guidance for overseeing Emerging Technology and Operational Risks, in compliance with OCC Heightened Standards.
- Able to present and lead discussions with key Regulators, internal and external auditors, as well the Board of Directors and the Risk and Audit sub-committees.
- Governance and Oversight of security risks impacting the business and technology
- Support in the development of Cyber Policy and Standards
- Oversight of Key Operational Risks and related indicators and thresholds
- Challenge of Cyber Risk Self Assessments
- Challenge of Business and Technology Scenario Analysis
- Issue management, oversight and escalation
- Advise on best practices leveraging expertise and industry insights
Qualifications:
Knowledge /Experience:
The Head of Cyber Risk will be an acknowledged thought leader in technology and security risk management with over 20 years of hands-on technical experience in complex IT management, Information Security, and Emerging Technologies with globally complex, dispersed and diverse organizations. The ideal Managing Director will have in-depth, detailed knowledge of good infrastructure, cloud, and emerging Technology Management inclusive of Artificial Intelligence, Operations and Information Security practices in the financial industry. This individual should have the following experience and skills:
- 20+ years' experience in technology risk and/or cyber risk management in the banking/financial services industry, or related field, with at least 5+ years in 2nd or 3rd line senior leadership positions.
- Subject matter expert in technology risk and/or cyber risk management principles and practices across various information system architecture and engineering domains.
- Proven experience in managing complex risk portfolios and developing strategic risk management frameworks for large organizations.
- Robust understanding of operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices.
- Experience managing and overseeing large remediation and transformation programs to achieve intended results.
- Extensive experience in effective written and verbal communication with executive audiences including Boards.
- Experienced risk challenger who balances risks vs. rewards aligned with corporate risk culture.
- Understanding of Citi products and services and downstream impacts of technology risk and/or cyber risk strategy.
- Professional certifications in either technology risk and/or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI
The ideal candidate will have in-depth, working knowledge of banking technologies, fraud, cybercrime detection and countermeasures, encryption, data retention, as well as information security support for segregation of duties, application development, network and systems operation, testing and vendor management. Prior experience in previous roles should include companies with global technology infrastructure in global financial services firms. Technology Skill set requirements will include capability to manage all aspects of these standards:
- Technology Architecture components common across the Financial Industry
- Information Systems Audit and Control Association's (ISACA) COBIT* Standard
- Information Technology Infrastructure Library (ITIL)
- ISACA's Certified in Risk and Information Systems Control (CRISC) Job Practice Domains
- Project management
Strong Leadership Skills:
- Provides leadership in risk identification, key risk indicator identification, and risk mitigation strategies in the domain of technology management.
- Engages business and technology managers to identify key control indicators and maintain effective and efficient continuous control monitoring processes.
- Strong analytical and problem-solving skills.
Excellent Communication Skills:
- Both verbal and written.
- Ability to interact with and influence people/groups of widely varying disciplines and backgrounds.
- Ability and confidence to exercise influence over a wide range of individuals at all levels of technical & business leadership.
- Experienced in using active listening techniques on a consistent basis.
Strong Presentation skills:
- Comfortable with public speaking across various forums and be able to effectively and logically communicate when ideas are being challenged in an open forum.
- Comfortable interacting directly with technology executive leadership, including in a high stress environment.
- Understands the perspective of regulators and has the ability to shape messages and content to respond to a changing variety of regulatory standards.
Client Relationships/Business Partnerships:
- Strong planning, organization and time management experience that is strategically oriented, an innovative thinker, and a demonstrated and decisive decision maker.
- Collaboratively manage initiatives that span multiple geographic locations and time zones.
- Navigates organizational complexity; demonstrates organizational acumen.
- Builds partnerships across functions and regions; collaborates well with others.
- Networks regularly and builds relationships across Risk disciplines and with businesses, operations and technology
Logistics:
- The role is global, and the incumbent must be proactive and capable of leading solutions to global issues with others in different regions and time zones.
- The successful candidate will need to be a hands-on, self-starter, and able to manage tasks/timelines for self and others
Education :
Bachelor's/University degree, Master's degree preferred
Citigroup- ...Key Responsibilities As the world’s leading vendor of Cyber Security, we strive daily to create innovative, advanced solutions for the... ...Level Technical Advisor program Associate Security Engineer program Global Sales Associate program Sales Security Engineers Help Desk...CyberInternshipWorldwide
- Internal Audit, Global Banking and Markets, Risk, Analyst, Dallas Job Description What We Do As the third line of defense, Internal Audit’s mission... ...markets, asset & wealth management, risk management, finance, cyber-security and technology risk, and engineering. Who We...CyberFull timeWork experience placementWork at office
- ## IT Governance, Risk & Compliance ManagerApplylocations: Dallas, Texas: Buffalo, NYtime type:... ...insulation and sealing materials. Through global reach and breakthrough inventions, we... ...first line of defense in responding to cyber security incidents, including identifying...Cyber
- PowerToFly is seeking a Risk and Controls Assessment (RCA) Specialist in Legal and Compliance to manage the RCA lifecycle, establish governance, and drive improvements... .... This Director level position is part of the Global Financial Crimes Strategy team. The ideal candidate...Suggested
- ..., NY, US Cleveland, OH, US Overview: As Global Partner Manager for Digital Pathology, you... .... Negotiate partnership terms and ensure compliance with Barco’s policies and objectives.... ...related to ethical conduct, quality standards, cyber security, sustainability, data protection...CyberFlexible hours
$120k - $180k
Israelvcforum in Dallas, Texas is seeking a Strategic Account Executive for the Global System Integrator ecosystem to drive enterprise sales and manage consultancy partnerships. The ideal candidate will focus on complex sales in cybersecurity and AI technologies. Your...Cyber- ...responsible for creating and managing comprehensive security programs for global operations. The successful candidate will handle various security domains such as Personnel, Physical, Communications, Cyber, and Information Security. The ideal applicant should have over 10...Cyber
- A leading global data center company in Dallas, Texas is seeking a Director of Insurance to provide enterprise-level leadership in global risk management. This role involves developing the company's insurance strategy, managing insurance programs, and collaborating with...
- ...Director (AVP) of Investigations in Global Financial Crimes to lead and... ...team. In the Legal & Compliance division, we assist the Firm in... ..., regulatory and franchise risk. This is a Director level position... ...sanctions evasion, fraud, and cyber-enabled threats related to...CyberWork at office
- ...Opportunity Managing Director, Cybersecurity Risk Management The Managing Director,... ...a senior leadership role reporting to the Head of Technology Risk Management within Corporate... ...cloud strategy, penetration testing, and cyber defense capabilities. Oversee data and digital...Cyber
- ...Why Join Us? As the world's leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we've assembled a global team of the most driven, creative, and innovative people. At Check Point, our employees are redefining the security landscape...CyberSeasonal workWork at office
- ...Our history spans over 13 years and today we are an Award-Winning Global Software Consultancy solving complex problems with technology.... ...Software Development, Data Analytics Infrastructure & Cloud Solutions, Cyber Security Services, etc. We make reasonable accommodations for...Cyber
$119k - $145k
...application due to a disability, contact this employer to ask for an accommodation or an alternative application process. Cyber Security Risk & Compliance Specialist Full Time TEXAS CORPORATE, Irving, TX, US 4 days ago Requisition ID: 1449 Salary Range: $119,000.00 To $145...CyberFull time- ...Back‑office systems, Regulatory, Legal and Compliance, etc. Develop strong relationships with... ...technologies; ensure scalability, performance, and global standardization. Publish key metrics,... ...frameworks (NIST CSF, MITRE ATT&CK, Cyber Kill Chain, ISO 27001 and others)....CyberRemote work
$139.3k - $208.9k
...Opportunity Employer. Claim Account Manager - Global Risk Management Chicago, Dallas Overview Our... ...to develop, implement and monitor compliance with the client specific instructions and... ...claims service. You will report to the Head of TPA Account Management....Flexible hours- ...Our history spans over 13 years and today we are an Award-Winning Global Software Consultancy solving complex problems with technology.... ...Software Development, Data Analytics Infrastructure & Cloud Solutions, Cyber Security Services etc. We make reasonable accommodations for...CyberFull timeRemote work
$139.3k - $208.9k
AXA XL in Dallas is seeking a Claim Account Manager for Global Risk Management. This role involves managing claims, promoting AXA XL's value proposition, and handling client relationships. The ideal candidate should have strong claims account management experience, excellent...Flexible hours$139.3k - $208.9k
...Claim Account Manager Global Risk Management Our Claims team sets us apart. Our experienced... ...to develop, implement and monitor compliance with the client specific instructions and... ...claims service. You will report to the Head of TPA Account Management. What you will...Flexible hours$145k - $180k
...Security And Ai Trend Micro, a global cybersecurity leader, helps... ...Management (CIEM), Cloud Risk Management, Cloud Overview Dashboard... ...stay ahead of evolving cyber threats. Cloud & Ai Product... ...AI threat landscape, emerging compliance demands, and evolving customer...CyberTemporary workWork experience placementH1bShift work- ..., including General Liability, Builder's Risk (including the Master Builders Risk [MBR]... ...Professional Liability, Pollution Liability, Cyber Liability, Executive Risk Insurance, OCIP... ...and enforce subcontractor insurance compliance requirements, including oversight of certificate...CyberFull timeContract workFor contractorsFor subcontractorWork at officeLocal areaMonday to Friday
- ...our infrastructure to process 100 billion risk signals daily. This isn’t just growth; it’... ...total reimagining of how the world manages cyber risk. Who are we? At UpGuard, we are... ...technology and the resources to do it at a global scale. At UpGuard, our Sales team continues...CyberRemote workWork from homeRelocation
- ...will be both within the US and global. Your primary... ...detect, defend and respond to any cyber event at DTCC. Influence the... ...identifying and evaluating potential risks associated with cloud services... ...audits and assessments to evaluate compliance with standards across DTCC....CyberRemote work
$190k - $200k
Sr. Director, Global Security Technology Senior Director, Security Technology Operations... ..., ensuring consistency and full compliance with company standards. Serve as the... ...Operations, IT, Global Facilities, Cyber Security, and Risk Management to deliver holistic security...CyberFor contractors- ...Vice President, Global Sales Engineering About the Company Innovative cybersecurity... ...Security Software Software Analytics Cyber Security Network Security Open... ...Threat Detection Crisis Management Risk Analysis Security and Alarm Systems...Cyber
$130k - $160k
...Danaher Corporation is seeking a Senior Cybersecurity Risk Analyst to manage third-party risk activities across vendors in a remote role. The ideal candidate will have over 7 years of experience in third-party risk and a strong working knowledge of risk management frameworks...CyberRemote work- ...alignment with firm-wide financial crimes risk management objectives Supervise and guide... ..., sanctions evasion, fraud, and cyber-enabled threats related to Crypto. Identify... ...highest standards for accuracy, regulatory compliance and timeliness Provide advice to the business...CyberWork at office
- Equinix, Inc. is seeking a Senior Director of Procurement Governance, Risk & Compliance to lead procurement governance and risk capabilities, ensuring compliance across the supplier ecosystem. This role requires deep expertise in procurement and risk management, providing...
- ...Innovation Shape the Future At Presidio, we're at the forefront of a global technology revolution, transforming industries through cutting‑... ...of security trends, threat landscape and frameworks like the cyber kill‑chain. Ability to listen and communicate effectively with...CyberFor contractorsLocal area
- Title: Head of GBM Risk Regulatory Strategy & Change Requisition ID: 262508 Please note that the Salary Range shown is a guideline only. Salary... ...to results, in an inclusive and high-performing culture. Global Banking and Markets Global Banking and Markets (GBM) is a...Local areaFlexible hours
- Worldwide Flight Services is seeking a Cyber Security Principal TDR Analyst to serve as a senior analyst specializing in threat detection... ...capabilities to protect the organization across various global locations. The ideal candidate brings extensive experience in cybersecurity...CyberWorldwide
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Global Head of Cyber Risk and Compliance. Be the first to apply!

