Cybersecurity Manager's Control Assessment (MCA) Business Risk Officer

About Our Team:

CISO Governance, Controls, and Policy is responsible for providing governance, oversight, risk management, and strategic planning for CISO; as well as Third Party Information Security Assessments (TPISA). The team is also responsible for CISO Program and Performance Management including oversight of CISO’s book of work, maintaining a CISO strategy aligned with industry and regulatory requirements, and CISO’s performance management processes to ensure key IS metrics are in place to determine compliance with Citi’s standards. In addition, the team is responsible for the governance and oversight of Risk Management programs across CISO.

CISO MCA, Regulatory Management, Controls, and Quality Assurance is responsible for Cyber MCA Governance and CISO MCA Transformation, Cyber CoB, TPM Governance, and Records Management, Cyber Quality Assurance services for Third Party Information Security Assessments, Information Security Risk Assessments, Vulnerability and Threat Management programs. Additionally, the team supports Cyber Regulation Management which involves managing new and updated regulations through conducting thorough impact assessments and ensuring closure of action plans.

Our commitment to diversity includes a workforce that represents the clients we serve globally from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We’ll enable growth and progress together.

This role will report to the Cybersecurity MCA Group Manager, responsible for programs and activities related to Citi’s Transformation for the Manager’s Control Assessment (MCA) and implementation of the future-state MCA for CISO organization. This role will be dedicated on transformation efforts and high-quality implementation as well as support execution of current MCA business-as-usual (BAU) activities and implement a sustainable program that can cater to CISO/Cyber’s needs.

What you will do:

• Manage the planning, coordination, and execution of MCA Transformation program for CISO

• Lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO  

• Gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA

• Support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution

• Identify and document key controls necessary for mitigation of cybersecurity risk

• Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points

• Partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team by which taxonomies and processes interlink with each other, establishing a multifaceted matrix to inform decision-making and simplification

• Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders

• Actively manage relationships with CISO business partners and risk management teams to achieve sustained success

• Educate and train people at all levels on how to apply basic tools and methodologies to achieve improvement objectives

• Establish relationships that balance short-term gains with long-term considerations.

Your profile:

• Have at least 8+ years of relevant experience

• Experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and/or Governance, Risk and Control (GRC)

• Risk Management, Cybersecurity, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)

• Bring creative approaches to help us drive value for clients

• Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks

• Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)

• Knowledge of data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI

• Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus

• Fluent in English (ability to read, write, and speak)

What we can offer you:

By joining Citi Hungary, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive compensation package and enjoy a whole host of additional benefits that support you (and your family) to be well, live well and save well:

• Cafeteria Program

• Home Office Allowance (for colleagues working in hybrid work models)

• Paid Parental Leave Program (maternity and paternity leave)

• Private Medical Care Program and onsite medical rooms at our offices

• Pension Plan Contribution to voluntary pension fund

• Group Life Insurance

• Employee Assistance Program

• Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed

• Flexible work arrangements to support you in managing work - life balance

• Career progression opportunities across geographies and business lines

• Socially active employee communities with diverse networking opportunities

Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self every day.  We want the best talent around the world to be energized to join us, motivated to stay, and empowered to thrive. 

Sounds like Citi has everything you need? Then apply to discover the true extent of your capabilities. 

#LI -OD1

------------------------------------------------------

Job Family Group:

------------------------------------------------------

Job Family:

------------------------------------------------------

Time Type:

------------------------------------------------------

Citi is an equal opportunity and affirmative action employer.

Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View the "EEO is the Law" poster. View the EEO is the Law Supplement.

View the EEO Policy Statement.

View the Pay Transparency Posting