Cybersecurity Metrics QA Senior Analyst

The Chief Information Security Office (CISO) organization is home to deeply talented colleagues that work to ensure the safety of Citi's clients', our revenue, our employees and our proprietary data. We manage information security as one end-to end program – one with a clear mandate and accountability. Our mission is a program that is fully anchored to modern control and architectural frameworks, is fully aligned with the enterprise architecture of the firm and is deeply integrated into the sectors and functions.

The Cyber Metrics Quality Assurance team dedicated to fostering collaboration and excellence in data quality. Working closely with CISO governance teams and CISO Metrics team, our primary goal is to support and enhance the data quality of the Cybersecurity Risk

Appetite Key (CSRA) Indicators found in the comprehensive Global Information Security Monthly Report (GISMR), ensuring the accuracy, completeness and timeliness of the underlying data. 

This role will report to the Cyber Metrics QA Manager and will be primarily responsible for developing and executing strategies to innovate and support the expansion of the CISO Metrics QA program including approach design, development, implementation, reporting, and analysis of the data.

Responsibilities you will have:

• Conduct quality assurance reviews supporting programs and functions across the Information Security and Technology organizations. Such reviews are conducted to validate the output of activities and data quality to ensure the requirements are met in accordance with policies and standards.

• Design, develop, implement, and maintain QA Standards enabling the business and program/process owners to effectively understand responsibilities and manage risk

• Onboard new programs/processes requiring QA reviews by conducting risk/needs assessment studies and providing analysis reports of observations and recommendations to the business/process owners

• Define and test quality assurance checkpoint controls and collaborate with Operations, Engineering, Security and Risk & Controls teams to recommend solutions that improve business processes and reduce risk in the environment 

• Measure the impact of QA observations and decisively take action to help engineering, operations, application, and risk management teams mitigate risks and find operational inefficiencies 

• Manage unresolved QA observations by engaging and partnering with technology and governance teams on a weekly basis to seek resolution 

• Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop security solutions

• Review and analyze exclusion and inclusion criteria and logic on a continuous basis for processes in scope of QA reviews 

• Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points

• Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders

• Actively manage relationships with engineering, operations, application, and risk management teams to achieve sustained success

• Educate and train people at all levels on how to apply basic tools and methodologies to achieve improvement objectives

• Establish collaborative development and improvement activities with customers, partners, and stakeholders

Qualifications we need:

• 3-5 years experience in Quality Assurance, Technology, Information Security, Cybersecurity, Risk Management, Governance, Risk and Control (GRC) 

• Technical, Risk Management, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)

• Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)

• Familiarity with data visualization/analytics business applications such as Tableau, QlikView

• Fluency in English

• Innovate and demonstrate the passion and initiative required to enable growth and progress

• Bring creative approaches to help us drive value for clients

• Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks

• Proven analytical skills

Desirable Competencies:

• Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus

• Familiarity with technologies such as Windows, Unix/Linux, Middleware, Database, Network, Storage, and Virtualization is a plus

• Knowledge of infrastructure technology and data inventory software/tools is a plus (e.g. Splunk, Qualys, Tanium, Skybox, ServiceNow) 

• Experience in systems administration, database, and software application management is a plus

What we can offer you:

By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:

• Cafeteria Program

• Home Office Allowance (for colleagues working in hybrid work models)

• Paid Parental Leave Program (maternity and paternity leave)

• Private Medical Care Program and onsite medical rooms at our offices

• Pension Plan Contribution to voluntary pension fund

• Group Life Insurance

• Employee Assistance Program

• Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed

• Flexible work arrangements to support you in managing work - life balance

• Career progression opportunities across geographies and business lines

• Socially active employee communities with diverse networking opportunities

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day.  We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive. 

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities.

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting