Discover your future at Citi

Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.

Job Overview

The Info Sec Prof Senior Analyst is an intermediate level position responsible for leading efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.

Responsibilities:

Identify potential information security (IS) risks and make recommendations for enhancementCollect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officialsExecute meetings and communicate complex security topics and safe IS practices with all levels of the organizationEnsure that controls are utilized daily and that non-compliance remediation is addressedProvide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or conceptsAssist with defining and implementing IS standards to align procedures and practices in compliance with Citi standardsEducate and advise on safe information security practices and current, changing, and/or recommended information security requirementsValidate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the businessAssume informal/formal mentorship role within teams and assist with the coaching and training of new team membersHas the ability to operate with a limited level of direct supervision. Can exercise independence of judgement and autonomy. Acts as SME to senior stakeholders and /or other team members.Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

Qualifications:

5-8 years of relevant experienceApplicable Certifications or willingness to earn within 12 months of joiningConsistently demonstrates clear and concise written and verbal communicationProven influencing and relationship management skillsProven analytical skills

Education:

Bachelor’s degree/University degree or equivalent experience

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Info Sec Prof Senior Analyst position will be responsible for assisting in the engineering of the application connectivity through Security Operations (SECOPS) managed firewalls, the creation and management of the documentation for the connectivity in the Citi Connectivity Registry (CCR), representing the registered connectivity for approval on the Third Party Access Solutions Working Group (3PASWG) Weekly Call, and reviewing the Firewall Change Request for accuracy and compliance to support all third party connectivity. The Analyst will ensure third parties are registered in CASP (Citigroup Approved Service Providers) database and the requested applications are listed in the Citigroup Systems Inventory (CSI) or Citigroup Technology Catalog (CTC). The Analyst will confirm network connectivity by accessing network equipment and confirm configurations and status.The Analyst will work with client organizations, Helpdesk and other CT groups to ensure all firewall and ACL related troubles are corrected and documented in a timely manner.The Analyst must possess the ability to document any new policies and/or procedures into the appropriate format.The Analyst will work with other group members to ensure that the Process Control Management documentation and other documentations (drawings, databases, spreadsheets, etc.) are up to date and accurate.

As a member of Edge Connectivity Security Team (ECS) you will:

Process Firewall, Proxy, RAS requests and perform risk assessments to ensure that the connectivity is compliant with Citi Information Security Standards and IS Policies. Provide Information Security oversight and guidance to Citi businesses requiring 3rd party connectivity as it relates to Citi Information Security Standards and IS Policies.Liaise with multiple technology teams (i.e. CATE Network Engineering; Proxy OPs and Integration; Perimeter Security Ops; System Based Computing; Remote Access Services and Business Information Security Officers); to facilitate cross functional solutions as it relates to 3rd party connectivity aligning with Citigroup Information Security Standards.Modality solutions include (but not limited to) RAS, B2B, Firewall; Proxy; and TPA solutions. Test and pilot system enhancements/changes and/or other.Complete all tasks – having connection with the organization’s activity but not detailed in the JDs – charged by the manager or superior. Identify and develop new and improved technical procedures and process control manualsIdentify significant IS threats and vulnerabilities as it relates to connectivity requests.Assume informal/formal mentorship role within teams and assist with the coaching and training of new team membersAppropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency.

------------------------------------------------------

Job Family Group:

Technology

------------------------------------------------------

Job Family:

Information Security

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Most Relevant Skills

Please see the requirements listed above.

------------------------------------------------------

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.