The Third Party Information Security Assessor performs detailed examinations of Citi’s North America suppliers’ information security practices and controls. IS Assessor responsibility is to confirm supplier adherence to the same high information security standards to which Citi holds itself accountable and to identify & communicate information security risks related to our customer and business sensitive information. In accordance with Citi’s established Third Party Information Security Assessment (TPISA) process and framework, the essential duties are as follows.
• Coordinate with TPISA stakeholders to initiate, scope and plan controls assessments of new and existing suppliers.
• Perform assessments on-site at supplier locations or remotely via conference calls.
• Obtain and review supplier responses and supporting documentation to validate supplier appropriate implementation of information security controls. Analyze the information to identify information security weaknesses or non-compliance with Citi standards.
• Produce detailed documentation of assessments and perform threat analyses of gaps identified.
• Communicate supplier information security issues to stakeholders, ensuring their understanding of associated risks and actions needed to remediate those risks.
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients.
Citi’s Mission and Value Proposition explains what we do and Citi Leadership Standards explain how we do it. Our mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. We strive to earn and maintain our clients’ and the public’s trust by constantly adhering to the highest ethical standards and making a positive impact on the communities we serve. Our Leadership Standards is a common set of skills and expected behaviors that illustrate how our employees should work every day to be successful and strengthens our ability to execute against our strategic priorities.
Diversity is a key business imperative and a source of strength at Citi. We serve clients from every walk of life, every background and every origin. Our goal is to have our workforce reflect this same diversity at all levels. Citi has made it a priority to foster a culture where the best people want to work, where individuals are promoted based on merit, where we value and demand respect for others and where opportunities to develop to are widely available to all.
• Bachelor’s Degree in Technology (or related field), or equivalent work experience
• 5+ years experience in a similar IT Audit, Assessor, or Information Security Officer role
• Industry certification such as CISSP, CISA or CISM required
• Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of information security areas/domains. These information security areas include governance & risk management, access control, cryptography, physical security, security architecture and design, business continuity/disaster recovery planning, network security, application & operations security and compliance/incident management
• Strong technical and/or IT audit background in/practical knowledge of a wide variety of technologies. Technologies include server infrastructure & operating systems, network & web infrastructures, database architecture and intrusion detection/prevention systems
• Self-starter with the ability to manage and prioritize responsibilities through the effective use of time management techniques
• Team player with proven skills in influencing people without having direct management authority and motivating them to successfully complete tasks within required timelines
• Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately
• Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person
• Strong risk analysis and problem solving skills
• Must be flexible to ensure assessments are performed by the mandated compliance date and be able to manage multiple assessments simultaneously
• Position required travel (both US domestic and international - Canada) on an average of 35%. Most travel is 1-2 night business trips several times per monthEEO Statement: Citi is an equal opportunity and affirmative action employer. Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity Pay Transparency: Citi won’t discriminate against anyone for discussing pay, but those with access to pay data in their work can’t disclose it unless responding to complaints/investigations or legal requirements.
|Location:||United States Flevoland Tampa|
Banking and Financial Services
PLEASE! No enquiries from Recruitment Agencies or Headhunters.
Only direct applications will be considered.